Overview Recently, NSFOCUS CERT has detected a Linux kernel privilege escalation vulnerability (Dirty Frag) disclosed online. Attackers use the logical defects of splice system calls in conjunction with xfrm-ESP or RxRPC protocol stacks to tamper with the page cache of any read-only file without race conditions to obtain system root...
Tag: Linux kernel
Linux Kernel Privilege Escalation Vulnerability (CVE-2024-1086) Notice
Overview Recently, NSFOCUS CERT detected that the details and verification tools of a Linux kernel privilege escalation vulnerability (CVE-2024-1086) are disclosed on the internet. Because the netfilter: nf _ tables component of the Linux kernel has a post-release reuse vulnerability, the nft _ verdict _ init () function allows positive...
Linux Kernel Privilege Escalation Vulnerability (CVS 2023-32233) Notice
Overview Recently, NSFOCUS CERT found that the PoC of Linux Kernel privilege escalation vulnerability (CVE-2023-32233) was publicly disclosed online. There is a use-after-free vulnerability in Linux kernel's subsystem Netfilter nf_tables, which can be exploited by authenticated local attackers to perform arbitrary read and write operations in kernel memory, ultimately elevating...
Multiple Security Vulnerabilities in Linux Kernel
Overview On December 26, 2022, NSFOCUS CERT detected multiple security vulnerabilities in Linux Kernel released online, relevant users are requested to take protective measures as soon as possible. Linux Kernel Remote Code Execution Vulnerability (CVE-2022-47939): A remote code execution vulnerability exists in Linux Kernel SMB2_TREE_DISCONNECT command processing. Due to the...
Linux Kernel Privilege Escalation Vulnerability (CVE-2022-0847) Alert
Overview Recently, NSFOCUS CERT detected that a security researcher disclosed a local privilege escalation vulnerability (CVE-2022-0847) in the Linux kernel. Due to a flaw in the correct initialization of the copy_page_to_iter_pipe and push_pipe functions in the Linux kernel, an attacker can overwrite the data in any readable file by exploiting...
Linux Kernel Arbitrary Code Execution Vulnerability (CVE-2021-3490) Threat Alert
Overview Recently, NSFOCUS CERT found that a security researcher published details and the PoC of an arbitrary code execution vulnerability (CVE-2021-3490) in eBPF and exploited this vulnerability to cause local privilege escalation on Ubuntu 20.10 and 21.04. This vulnerability exists because the eBPF ALU32 bounds tracking for bitwise ops (AND,...
