CISA added a security flaw in the Linux kernel to the KEV catalog. This flaw is being actively exploited. The CVE-2024-1086 (CVSS score: 7.8) is a high-severity issue. It is related to a use-after-free bug in the netfilter component. This bug allows a local attacker to gain root privileges from a regular user and potentially run any code.
“Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation,” CISA said.
By infosecbulletin
/ Friday , June 28 2024
Researchers said, threat actor exploiting vulnerabilities in Oracle WebLogic Server, notably CVE-2017-3506 and CVE-2023-21839 to deploy cryptocurrency miners via PowerShell...
Read More
By infosecbulletin
/ Friday , June 28 2024
In a statement On Wednesday, 26 June 2024, team viewer said, "our security team detected an irregularity in TeamViewer’s internal...
Read More
By infosecbulletin
/ Friday , June 28 2024
GitLab, a platform for DevOps tools, released critical updates for its Community Edition (CE) and Enterprise Edition (EE). The new...
Read More
By infosecbulletin
/ Thursday , June 27 2024
Several vulnerabilities have been found in the TP-Link Omada system, which is a popular software-defined networking solution for small to...
Read More
By infosecbulletin
/ Thursday , June 27 2024
Evolve Bank & Trust experienced a cybersecurity incident. The bank confirmed that cybercriminals obtained and shared customers' personal information on...
Read More
By infosecbulletin
/ Thursday , June 27 2024
According to digital risk management firm Athenian Technology, BSNL, India's state-owned telecom provider, suffered a significant data breach. A cybercriminal...
Read More
By infosecbulletin
/ Wednesday , June 26 2024
Over 100,000 websites were compromised in a recent supply chain attack. The attack injected malware into the popular Polyfill JS...
Read More
By infosecbulletin
/ Wednesday , June 26 2024
A hacker changed the code of five plugins on WordPress.org to add harmful PHP scripts that make new admin accounts...
Read More
By infosecbulletin
/ Wednesday , June 26 2024
CISA released two advisories about Industrial Control Systems (ICS) on June 25, 2024. The advisories contain important information about security...
Read More
By infosecbulletin
/ Tuesday , June 25 2024
CISA warns that its Chemical Security Assessment Tool (CSAT) was hacked in January. Hackers used a webshell on the Ivanti...
Read More
Netfilter is a framework in the Linux kernel that helps with network tasks like filtering packets, translating network addresses, and translating ports.
The vulnerability was fixed in January 2024, but it is currently unclear how the flaw was exploited in the attacks.
A new security flaw (CVE-2024-24919, CVSS score: 7.5) has been added to the KEV catalog. It affects Check Point network gateway security products, allowing attackers to read sensitive information on Internet-connected Gateways with remote access VPN or mobile access enabled.
Federal agencies should apply the latest fixes by June 20, 2024, to protect their networks from potential threats related to CVE-2024-1086 and CVE-2024-24919.