Hello Linux users, 

An easily exploitable Linux kernel privilege escalation bug has been identified in the Linux kernel versions between 5.14 and 6.6.14. Exploiting this flaw as a normal user on a vulnerable machine will give you root access, enabling you to do whatever you want on the compromised machine. This ‘make-me-root’ issue can be leveraged by rogue insiders or malware already on a computer to cause further damage and repercussions.

Read on to learn how to mitigate this severe Linux kernel bug. You’ll also get updates on other issues impacting your open-source programs and applications that could compromise SSH services and leak your critical data. 

If you gained valuable information from reading today’s newsletter, please share it with a fellow security geek. Do you have a Linux security-related topic you'd like to cover for our audience? We welcome contributions from passionate, insightful community members who share our enthusiasm for Linux and security!

Stay safe out there,

Brittany Signature 150 Esm W150

Linux Kernel

The Discovery 

An easily exploitable Linux kernel privilege escalation bug tracked as CVE-2024-1086 has been identified in the Linux kernel versions between 5.14 and 6.6.14. The vulnerability is a double-free bug in the kernel's netfilter component involving nf_tables. Exploiting this flaw as a normal user on a vulnerable machine will give you root access, enabling you to do whatever you want on the compromised machine.

LinuxKernel Esm W206

The Impact

This ‘make-me-root’ issue can be used by rogue insiders or malware already on a computer to cause further damage and repercussions.

The Fix

Critical bug fixes have been released for the kernel to mitigate this flaw. Given this vulnerability's severe threat to affected systems, if left unpatched, we urge all impacted users to apply the security patch updates released by their distro(s) as soon as possible to protect against malware attacks, system compromise, and other severe consequences.

Your Related Advisories:

[distro_list_1]

util-linux

The Discovery 

Have you updated to mitigate the severe ‘WallEscape’ security bug recently discovered in the wall command of the util-linux package? This vulnerability, tracked as CVE-2024-28085, has been present in every package version for 11 years. This issue enables an attacker to exploit escape control characters to create a fake SUDO prompt on other users' terminals. It can be exploited under certain conditions, mainly when the "mesg" utility is active and the wall command has setgid permissions.

Util Linux Esm W204

The Impact

This critical vulnerability could deceive users into exposing sensitive information, such as admin passwords.

The Fix

Admins are advised to upgrade to linux-utils v2.40 or implement mitigations by removing setgid permissions from the wall command or disabling the message broadcast functionality using the 'mesg' command. Distos continue to release essential advisory patch updates addressing this issue. We urge all impacted users to apply these bug fixes now to protect their sensitive data against compromise.

Your Related Advisories:

[distro_list_2]

xz-utils

The Discovery 

Distros continue to release important advisory patch updates addressing a critical backdoor found in the widely used xz compression utility. The issue is tracked as CVE-2024-3094 and has a maximum CVSS score of 10. This critical flaw impacts Linux distros that incorporate libsystemd.

Xz Utils Logo Esm W400

The Impact

This severe security bug could grant unauthorized access to vulnerable SSH services, leading to compromise. SSH compromise has severe implications for admins and security practitioners, as SSH is a fundamental tool used to access and manage systems remotely.

The Fix

An essential bug fix for xz-utils has been released to mitigate this vulnerability. Given the severe threat this backdoor poses to affected systems if left unpatched, we strongly recommend that all impacted users update immediately to fortify their SSH services against compromise.

Your Related Advisories:

[distro_list_3]