this post was submitted on 03 Nov 2025
196 points (97.6% liked)

Linux

13984 readers
85 users here now

Welcome to c/linux!

Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!

Rules:

  1. Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.

  2. Be respectful: Treat fellow community members with respect and courtesy.

  3. Quality over quantity: Share informative and thought-provoking content.

  4. No spam or self-promotion: Avoid excessive self-promotion or spamming.

  5. No NSFW adult content

  6. Follow general lemmy guidelines.

founded 2 years ago
MODERATORS
MigratingtoLemmy@lemmy.world
196
CISA Warns of Linux Kernel Use-After-Free Vulnerability Exploited in Attacks to Deploy Ransomware (cybersecuritynews.com)
submitted 2 weeks ago by RegularJoe@lemmy.world to c/linux@lemmy.world
94 comments fedilink hide all child comments
 

This vulnerability, hidden within the netfilter: nf_tables component, allows local attackers to escalate their privileges and potentially deploy ransomware, which could severely disrupt enterprise systems worldwide.

you are viewing a single comment's thread
view the rest of the comments
[–] BCsven@lemmy.ca 8 points 2 weeks ago (3 children)

So a non issue unless somebody has physical access to the machine?

[–] who@feddit.org 22 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

Unfortunately, it's not that simple, because attacks often involve "exploit chains". In this case, an attacker would use a different vulnerability to gain code execution capability, and then use that capability to exploit this vulnerability.

Update your systems, folks.

[–] BCsven@lemmy.ca 1 points 2 weeks ago

Understood

[–] bookmeat@lemmynsfw.com 8 points 2 weeks ago (1 children)

No. They just have to be able to place exploit code onto your machine and have it run.

[–] BCsven@lemmy.ca -2 points 2 weeks ago (1 children)

If they can place exploit code on my machine, I think its already game over, regardless of that bug

[–] CriticalMiss@lemmy.world 8 points 2 weeks ago (1 children)

Not necessarily, if you follow proper hosting etiquette, then even if they break in they should only be a standard user and have no access to the rest of your system. But most self hosters just run everything as root as it’s less of a hassle.

[–] BCsven@lemmy.ca 1 points 2 weeks ago

I guess I was thinking of the many Linux users I have encountered that sets same user and root password, or has sudo as passwordless. SMH

[–] henfredemars@infosec.pub 1 points 2 weeks ago (1 children)

Not directly, but as other comment has mentioned, it reduces the overall security posture because it could be combined with other flaws known and unknown.

[–] BCsven@lemmy.ca 1 points 2 weeks ago

Yeah, less vectors are better