this post was submitted on 03 Nov 2025
207 points (97.7% liked)

Linux

14310 readers
7 users here now

Welcome to c/linux!

Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!

Rules:

  1. Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.

  2. Be respectful: Treat fellow community members with respect and courtesy.

  3. Quality over quantity: Share informative and thought-provoking content.

  4. No spam or self-promotion: Avoid excessive self-promotion or spamming.

  5. No NSFW adult content

  6. Follow general lemmy guidelines.

founded 2 years ago
MODERATORS
MigratingtoLemmy@lemmy.world
207
CISA Warns of Linux Kernel Use-After-Free Vulnerability Exploited in Attacks to Deploy Ransomware (cybersecuritynews.com)
submitted 1 month ago by RegularJoe@lemmy.world to c/linux@lemmy.world
95 comments fedilink hide all child comments
 

This vulnerability, hidden within the netfilter: nf_tables component, allows local attackers to escalate their privileges and potentially deploy ransomware, which could severely disrupt enterprise systems worldwide.

you are viewing a single comment's thread
view the rest of the comments
[–] turdas@suppo.fi 90 points 1 month ago (4 children)

This only affects positively ancient kernels:

From (including) 3.15 Up to (excluding) 5.15.149 From (including) 6.1 Up to (excluding) 6.1.76 From (including) 6.2 Up to (excluding) 6.6.15 From (including) 6.7 Up to (excluding) 6.7.3

[–] somerandomperson@lemmy.dbzer0.com 32 points 1 month ago

fuck my phone running android is vulnerable

[–] unwillingsomnambulist@midwest.social 16 points 1 month ago (3 children)

If I’m not mistaken, RHEL9 and equivalents are on 5.15. That’s a pretty big blast radius.

[–] turdas@suppo.fi 8 points 1 month ago (1 children)

They will probably have a version newer than 5.15.149.

[–] unwillingsomnambulist@midwest.social 1 points 1 month ago

AliasAKA is correct, it’s actually 5.14, not 5.15 like I thought.

[–] Brosplosion@lemmy.zip 4 points 1 month ago

RHEL is on 5.15 in spirit only. They backport tons of patches to the point that 5.15 modules don't build against it

[–] AliasAKA@lemmy.world 3 points 1 month ago (1 children)

I think RHEL9 uses 5.14 as base

[–] unwillingsomnambulist@midwest.social 1 points 1 month ago

You’re right, it’s 5.14 not 5.15 like I thought. I’m spending most of my time im Debian these days though, so I’m glad I wasn’t too far off.

[–] anamethatisnt@sopuli.xyz 4 points 1 month ago (1 children)

Debian Bookworm (Debian 12/oldstable) would be affected then, I think?

[–] turdas@suppo.fi 9 points 1 month ago (1 children)

It looks to be on 6.1.153 currently which is much newer than 6.1.76.

[–] anamethatisnt@sopuli.xyz 1 points 1 month ago

Sweet, cheers for checking - I just remembered it being on 6.1.?

[–] Lost_My_Mind@lemmy.world 2 points 1 month ago (1 children)

How would I know what kernal I have?

[–] turdas@suppo.fi 16 points 1 month ago

With the uname -a command