this post was submitted on 03 Nov 2025
207 points (97.7% liked)

Linux

15529 readers
79 users here now

Welcome to c/linux!

Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!

Rules:

  1. Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.

  2. Be respectful: Treat fellow community members with respect and courtesy.

  3. Quality over quantity: Share informative and thought-provoking content.

  4. No spam or self-promotion: Avoid excessive self-promotion or spamming.

  5. No NSFW adult content

  6. Follow general lemmy guidelines.

founded 2 years ago
MODERATORS
MigratingtoLemmy@lemmy.world
207
CISA Warns of Linux Kernel Use-After-Free Vulnerability Exploited in Attacks to Deploy Ransomware (cybersecuritynews.com)
submitted 3 months ago by RegularJoe@lemmy.world to c/linux@lemmy.world
93 comments fedilink hide all child comments
 

This vulnerability, hidden within the netfilter: nf_tables component, allows local attackers to escalate their privileges and potentially deploy ransomware, which could severely disrupt enterprise systems worldwide.

you are viewing a single comment's thread
view the rest of the comments
[–] BCsven@lemmy.ca 8 points 3 months ago (3 children)

So a non issue unless somebody has physical access to the machine?

[–] who@feddit.org 22 points 3 months ago* (last edited 3 months ago) (1 children)

Unfortunately, it's not that simple, because attacks often involve "exploit chains". In this case, an attacker would use a different vulnerability to gain code execution capability, and then use that capability to exploit this vulnerability.

Update your systems, folks.

[–] BCsven@lemmy.ca 1 points 3 months ago

Understood

[–] bookmeat@lemmynsfw.com 8 points 3 months ago (1 children)

No. They just have to be able to place exploit code onto your machine and have it run.

[–] BCsven@lemmy.ca -2 points 3 months ago (1 children)

If they can place exploit code on my machine, I think its already game over, regardless of that bug

[–] CriticalMiss@lemmy.world 8 points 3 months ago (1 children)

Not necessarily, if you follow proper hosting etiquette, then even if they break in they should only be a standard user and have no access to the rest of your system. But most self hosters just run everything as root as it’s less of a hassle.

[–] BCsven@lemmy.ca 1 points 3 months ago

I guess I was thinking of the many Linux users I have encountered that sets same user and root password, or has sudo as passwordless. SMH

[–] henfredemars@infosec.pub 1 points 3 months ago (1 children)

Not directly, but as other comment has mentioned, it reduces the overall security posture because it could be combined with other flaws known and unknown.

[–] BCsven@lemmy.ca 1 points 3 months ago

Yeah, less vectors are better