A significant vulnerability has been identified in the Ubuntu Linux kernel that enables local attackers to escalate privileges, potentially leading to root access. This vulnerability arises from a reference count imbalance in the af_unix subsystem, which was disclosed at TyphoonPWN 2025. The flaw is linked to the kernel version 6.8.0-60-generic used in Ubuntu 24.04.2 and stems from an improper implementation of upstream patches intended to correct reference-counting issues related to inter-process communication via domain sockets.
Researchers demonstrated a proof-of-concept exploit, showcasing the critical nature of this flaw. Mitigation efforts have been initiated, with Canonical releasing an updated kernel to address these vulnerabilities, which should be applied by users on affected systems. The incident highlights the challenges of keeping distribution kernels secure and underscores the importance of monitoring security advisories closely. Despite the absence of reported widespread exploitation, the public disclosure of the PoC emphasizes the urgency for organizations to patch their systems promptly to protect against potential threats.
👉 Pročitaj original: Cyber Security News
