The US government is warning that a Linux flaw introduced more than a decade ago – and fixed more than a year ago – is being actively used in ransomware attacks. In February 2014, a vulnerability was introduced into the Linux kernel via a commit.
The bug was first disclosed in late January 2024, and described as a “use-after-free weakness in the netfilter: nf_tables kernel component”. It was fixed later that month, and was given a label CVE-2024-1086. Its severity score is 7.8/10 (high) and can be exploited to achieve local privilege escalation.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cisco Warns of Critical Vulnerability Revealed in ‘Vault 7’ Data Dump
March 20, 2017
Cisco Systems warned customers on Friday of a critical vulnerability that could allow an attacker to execute arbitrary code and obtain full control on more than 300 different models of its switches and routers. Cisco said it became aware of the vulnerability after WikiLeaks released its Vault 7 cache of documents that revealed the existence ...

