CVE-2024-1086 - Linux Kernel Use-After-Free Vulnerability
Project:Linux
Product:Kernel
Date Added:2024-05-30Due Date:2024-06-20
Vulnerability Name
Linux Kernel Use-After-Free Vulnerability
Description
Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f342de4e2f33e0e39165d8639387aa6c19dff660
https://nvd.nist.gov/vuln/detail/CVE-2024-1086
Related News Articles
CISA warns of actively exploited Linux privilege elevation flawJune 1, 2024
