{"id":224353,"date":"2025-11-01T01:09:18","date_gmt":"2025-11-01T06:09:18","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/11\/cisa-high-severity-linux-flaw-now-exploited-by-ransomware-gangs"},"modified":"2025-11-01T01:09:18","modified_gmt":"2025-11-01T06:09:18","slug":"cisa-high-severity-linux-flaw-now-exploited-by-ransomware-gangs","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/11\/cisa-high-severity-linux-flaw-now-exploited-by-ransomware-gangs","title":{"rendered":"CISA: High-severity Linux flaw now exploited by ransomware gangs"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/cisa-high-severity-linux-flaw-now-exploited-by-ransomware-gangs.jpg\"><\/a><\/p>\n<p>CISA confirmed on Thursday that a high-severity privilege escalation flaw in the Linux kernel is now being exploited in ransomware attacks.<\/p>\n<p>While the vulnerability (tracked as <a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2024-1086\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2024\u20131086<\/a>) was disclosed on January 31, 2024, as a use-after-free weakness in the netfilter: nf_tables kernel component and was fixed via a commit <a href=\"https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=f342de4e2f33e0e39165d8639387aa6c19dff660\" target=\"_blank\" rel=\"nofollow noopener\">submitted in January 2024<\/a>, it was first introduced by a decade-old commit in <a href=\"https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=e0abdadcc6e1\" target=\"_blank\" rel=\"nofollow noopener\">February 2014<\/a>.<\/p>\n<p>Successful exploitation enables attackers with local access to escalate privileges on the target system, potentially resulting in root-level access to compromised devices.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA confirmed on Thursday that a high-severity privilege escalation flaw in the Linux kernel is now being exploited in ransomware attacks. While the vulnerability (tracked as CVE-2024\u20131086) was disclosed on January 31, 2024, as a use-after-free weakness in the netfilter: nf_tables kernel component and was fixed via a commit submitted in January 2024, it was [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-224353","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/224353","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=224353"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/224353\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=224353"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=224353"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=224353"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}