Critical Linux Kernel Vulnerability Allows Hackers to Gain Root Access

CVECVE-2023-31248
CVSScvssV3_1: 7.8
SourceCVE-2023-31248

The Linux Kernel, which powers many Linux operating systems, servers and IoT devices, contains a vulnerability that can allow attackers to escalate privileges and gain root access on affected systems.

The vulnerability, tracked as CVE-2023-31248, exists in how the Linux Kernel’s netfilter tables (nftables) subsystem handles chains. nftables failed to properly check if a chain was still active before performing operations on it. An attacker could craft a malicious packet that uses a deleted chain to trigger a “use-after-free” bug. This could allow the execution of code with higher privileges.

Attackers need only local unprivileged access to exploit this flaw. They do not require credentials to escalate privileges to root. Once elevated, a hacker would have complete control of the affected system. They could steal data, install malware, or use the compromised machine to launch attacks on other connected devices and networks.

System administrators and Linux users should apply any updates or patches released by their Linux distribution vendor as soon as possible. Keeping systems up-to-date is one of the best ways to prevent exploitation of known issues. Users should also ensure that only trusted users have physical or remote access to their Linux machines and servers.

References