A recently discovered Linux privilege-escalation exploit has the potential to grant root access to vulnerable machines running certain kernel versions. The exploit, developed by a bug hunter known as Notselwyn, has been reported to work seamlessly on kernel versions ranging between 5.14 and 6.6.14.

If executed by a normal user on a vulnerable system, the exploit allows unauthorized access to the entire system, enabling malicious insiders or malware to wreak havoc on the compromised machine. This vulnerability affects popular Linux distributions such as Debian, Ubuntu, Red Hat, Fedora, and likely others.

Tracked as CVE-2024-1086, the exploit has been rated 7.8 out of 10 in terms of severity by the CVSS. Although a patch was issued at the end of January, it is important for users to ensure that their kernels are updated to protect against potential local privilege escalation (LPE) attacks.

The exploit takes advantage of a double-free bug within the Linux kernel’s netfilter component, specifically involving nf_tables. This bug can potentially lead to crashes or the execution of arbitrary code within the kernel. To mitigate the risk, it is recommended to apply the necessary patches, especially if LPE poses a significant threat to your system’s security.

Notselwyn, the creator of the exploit, shared detailed technical information about the bug and highlighted its effectiveness on various kernel versions. By leveraging a technique called Dirty Pagedirectory, the exploit provides unlimited read/write access to a Linux system’s memory, allowing attackers full control over the compromised machine.

Furthermore, Notselwyn has made the exploit’s source code publicly available, making it relatively easy to execute. To successfully exploit the vulnerability, attackers must have access to the unprivileged-user namespaces option and trigger a double-free operation within nf_tables, among other steps.

By staying informed and promptly applying necessary updates, users can protect their systems from potential exploitation and maintain the integrity of their Linux environments.

Fabio

Full Stack Developer

About the Author

I’m passionate about web development and design in all its forms, helping small businesses build and improve their online presence. I spend a lot of time learning new techniques and actively helping other people learn web development through a variety of help groups and writing tutorials for my blog about advancements in web design and development.

View Articles