CISA Warns of Linux Kernel Use-After-Free Vulnerability Exploited in Attacks to Deploy Ransomware

Source: Cyber Security News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding CVE-2024-1086, a critical use-after-free vulnerability in the Linux kernel’s netfilter subsystem. The vulnerability lets local attackers escalate privileges, potentially leading to ransomware deployment. According to CISA’s report, updated on October 31, 2025, exploitation campaigns have been linked to unpatched Linux servers, notably those running kernel versions prior to 6.1.77.

Exploiting CVE-2024-1086 involves crafting malicious netfilter rules that trigger improper memory deallocation, allowing arbitrary code execution with root privileges. Attackers often gain local access through phishing or weak credentials, which opens a path to significant disruption, especially in the healthcare and financial sectors. The spike in real-world attacks is an urgent call for organizations to patch their systems and apply recommended mitigations. With Linux serving as the backbone of numerous infrastructures, CISA’s warning underscores the escalating threat of ransomware targeting open-source environments.

👉 Read the original: Cyber Security News