[tomek@vz]

Citiraj:

A critical Proof-of-Concept (PoC) exploit has been released for a significant vulnerability in the Linux kernel’s nftables subsystem, tracked as CVE-2024-26809.

This flaw, rooted in the kernel’s netfilter infrastructure, exposes affected systems to local privilege escalation through a sophisticated double-free attack.

Security researchers, including the user “conlonialC,” have demonstrated how this bug can be weaponized to achieve root-level access, underscoring the urgency for system administrators to apply available patches.

Citiraj:

CVE-2024-26809 affects Linux kernel versions 5.15.54 and later, including the 6.1 and 6.6 LTS branches.

The vulnerability has been addressed in recent kernel updates, with distributions such as Debian, Ubuntu, and SUSE releasing patches for all supported versions.

> CSNews