163
CISA Warns of Linux Kernel Use-After-Free Vulnerability Exploited in Attacks to Deploy Ransomware
(cybersecuritynews.com)
this post was submitted on 03 Nov 2025
163 points (97.7% liked)
Linux
13788 readers
327 users here now
Welcome to c/linux!
Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!
Rules:
-
Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.
-
Be respectful: Treat fellow community members with respect and courtesy.
-
Quality over quantity: Share informative and thought-provoking content.
-
No spam or self-promotion: Avoid excessive self-promotion or spamming.
-
No NSFW adult content
-
Follow general lemmy guidelines.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
You need to be able to run code on the system that has the bug. The bug is in the netfilter component, in how it's managed on that system, not in the actual traffic flows.
So a non issue unless somebody has physical access to the machine?
Unfortunately, it's not that simple, because attacks often involve "exploit chains". In this case, an attacker would use a different vulnerability to gain code execution capability, and then use that capability to exploit this vulnerability.
Update your systems, folks.
Understood
Not directly, but as other comment has mentioned, it reduces the overall security posture because it could be combined with other flaws known and unknown.
Yeah, less vectors are better