Rewterz Threat Alert – PatchWork APT Threat Actor Group Targeting Pakistan – Active IOCs
February 5, 2024Rewterz Threat Advisory – CVE-2024-22430 – Dell EMC PowerScale OneFS Vulnerability
February 5, 2024Rewterz Threat Alert – PatchWork APT Threat Actor Group Targeting Pakistan – Active IOCs
February 5, 2024Rewterz Threat Advisory – CVE-2024-22430 – Dell EMC PowerScale OneFS Vulnerability
February 5, 2024Severity
High
Analysis Summary
CVE-2024-1086
Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by use-after-free flaw in the nft_verdict_init() function in the Netfilter subsystem. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2024-1086
Affected Vendors
Linux
Affected Products
- Linux Kernel 6.1
- Linux Kernel 6.6
- Linux Kernel 6.7.0
Remediation
Refer to Linux Kernel GIT Repository for patch, upgrade or suggested workaround information.