Rewterz Threat Alert – Qakbot aka Pinkslipbot or Qbot Malware – Active IOCs
April 19, 2023Rewterz Threat Advisory – APT28 Targeting Old Cisco Vulnerability
April 20, 2023Rewterz Threat Alert – Qakbot aka Pinkslipbot or Qbot Malware – Active IOCs
April 19, 2023Rewterz Threat Advisory – APT28 Targeting Old Cisco Vulnerability
April 20, 2023Severity
High
Analysis Summary
CVE-2023-2124
Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by an out-of-bounds access flaw in the XFS subsystem due to a missing metadata validation when mounting a user-supplied XFS disk image. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges or cause a denial of service condition.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2023-2124
Affected Vendors
Linux
Affected Products
- Linux Kernel
Remediation
Refer to lore.kernel Web site for patch, upgrade or suggested workaround information.