Critical Linux Kernel Vulnerability Allows Local Privilege Escalation

CVECVE-2024-1085
CVSScvssV3_1: 7.8
SourceCVE-2024-1085

A serious vulnerability has been discovered in the Linux kernel’s netfilter component that could allow attackers to escalate privileges on affected systems.

The nf_tables subsystem, which is used for packet filtering and network address translation, contains a use-after-free bug. This occurs when the nft_setelem_catchall_deactivate() function fails to properly check if a “catch-all” element has already been freed before attempting to delete it again.

By exploiting this flaw, a local attacker could potentially execute arbitrary code with root privileges or escalate their user privileges on the system. They would need to have valid user access to trigger the vulnerability.

The specific commit that fixes the issue is b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7. All Linux users are advised to update their kernels to patch this vulnerability as soon as updates are available from their distribution maintainers. You can also compile the latest mainline kernel from source to protect yourself if no updates have been released yet.

Taking prompt action to apply the fix is recommended, as exploitation of use-after-free bugs can have serious security consequences if left unpatched. Keeping systems up-to-date with the latest patches is always important for mitigating newly discovered vulnerabilities.

References