The security vulnerabilities are dropping thick and fast at the moment: two high-severity issues impacting 3 billion Chrome web browser users, Windows users warned about a critical account takeover authentication bypass bug, and even Mac users being confronted with the truth that even they cannot escape the security alerts. Now a U.S. Department of Homeland Security agency has warned Linux users that they must update within three weeks as attacks target a critical kernel vulnerability.
The Cybersecurity and Infrastructure Security Agency has confirmed that CVE-2024-53104, which it describes as a Linux kernel out-of-bounds write vulnerability, has been added to the government’s Known Exploited Vulnerabilities Catalog “based on evidence of active exploitation.” This is very bad news indeed as these types of escalation of privileges vulnerabilities are a “frequent attack vectors for malicious cyber actors and pose significant risks,” CISA warned. The fact that it’s also a zero-day vulnerability only adds to the security concern. Google, which patched the vulnerability for Android users Feb. 3, described CVE-2024-53104 as leading to “physical escalation of privilege with no additional execution privileges needed.” In plain English, what this means is that an attacker could potentially execute arbitrary code or conduct a denial-of-service attack, neither of which are welcome on any Linux server. As Iain Thomson, writing at The Register, said, “this sounds like someone being able to plug a malicious gadget – perhaps something law enforcement might use – into a vulnerable Android device and taking it over.”
www.forbes.com
