Security Alert

kc1di · Jun 1, 2024

I don't know how many this may affect but good to know about.

Federal agency warns critical Linux vulnerability being actively exploited

Cybersecurity and Infrastructure Security Agency urges affected users to update ASAP.

arstechnica.com

Github take.

GitHub - Notselwyn/CVE-2024-1086: Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF i

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 9...

github.com

there was a patch issued in Feb. 24 but not all kernels have been patched.

ron.alan · Jun 1, 2024

Is there a way to tell if one has a patched kernel or not? I can't make heads or tails out of it.

kc1di · Jun 1, 2024

Usually the distro will let us know so far I've seen that Suse and Fedora have patched theirs not sure about any others.
this page may shed some light on the subject. It says most distros issued patches quickly.

Jonathan Wright - Dealing with CVE-2024-1086

jonathanspw.com

GatorsFan · Jun 1, 2024

For Debian users and Debian based look here - https://security-tracker.debian.org/tracker/CVE-2024-1086

if your are running the latest Debian Kernel 6.1.0-21 you are good which equals 6.1.90-1

ron.alan · Jun 1, 2024

GatorsFan said:
if your are running the latest Debian Kernel 6.1.0-21 you are good

Thanks GatorsFan. That's the kernel I'm on. But how do you know that "Debian Kernel 6.1.0-21 ... equals 6.1.90-1"?

GatorsFan · Jun 1, 2024

ron.alan said:
Thanks GatorsFan. That's the kernel I'm on. But how do you know that "Debian Kernel 6.1.0-21 ... equals 6.1.90-1"?

Debian -- Details of package linux-image-6.1.0-21-amd64 in bookworm

ron.alan · Jun 1, 2024

That was quick.

While you were posting, I found another way (which I should have already known about):

GatorsFan · Jun 1, 2024

ron.alan said:
That was quick. While you were posting, I found another way (which I should have already known about):

View attachment 20244

Yep I was going to mention that as well but you beat me to it -

truckerDave · Jun 1, 2024

Info for Ubuntu users

https://ubuntu.com/security/CVE-2024-1086

Security Alert

kc1di

Well-Known Member

Federal agency warns critical Linux vulnerability being actively exploited

GitHub - Notselwyn/CVE-2024-1086: Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF i

ron.alan

Active Member

kc1di

Well-Known Member

Jonathan Wright - Dealing with CVE-2024-1086

GatorsFan

Well-Known Member

ron.alan

Active Member

GatorsFan

Well-Known Member

ron.alan

Active Member

GatorsFan

Well-Known Member

truckerDave

Active Member

Staff online

Members online

Latest posts