March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – CoinMiner Malware – Active IOCs
February 5, 2024Rewterz Threat Advisory – CVE-2024-0253 – Zoho ManageEngine ADAudit Plus Vulnerability
February 6, 2024Rewterz Threat Alert – CoinMiner Malware – Active IOCs
February 5, 2024Rewterz Threat Advisory – CVE-2024-0253 – Zoho ManageEngine ADAudit Plus Vulnerability
February 6, 2024
Severity
High
Analysis Summary
CVE-2024-1085
Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by use-after-free flaw in the nft_setelem_catchall_deactivate() function in the Netfilter subsystem. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
Impact
- Privileges Escalation
Indicators Of Compromise
CVE
- CVE-2024-1085
Affected Vendors
Linux
Affected Products
- Linux Kernel 5.13
- Linux Kernel 5.15
- Linux Kernel 6.1
- Linux Kernel 6.6
- Linux Kernel 6.7.0
Remediation
Refer to Linux Kernel GIT Repository for patch, upgrade or suggested workaround information.