194
CISA Warns of Linux Kernel Use-After-Free Vulnerability Exploited in Attacks to Deploy Ransomware
(cybersecuritynews.com)
this post was submitted on 03 Nov 2025
194 points (97.5% liked)
Linux
13812 readers
68 users here now
Welcome to c/linux!
Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!
Rules:
-
Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.
-
Be respectful: Treat fellow community members with respect and courtesy.
-
Quality over quantity: Share informative and thought-provoking content.
-
No spam or self-promotion: Avoid excessive self-promotion or spamming.
-
No NSFW adult content
-
Follow general lemmy guidelines.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
For exploiting a privilege escalation the attacker must be able to run their own code on your machine. If you let them do such things, you already have more than enough security problems in the first place.
Except for supply chain attacks. You get a foot in the door, and open the rest with impunity
Yes, but still a privilege elevation bug is still less risky than a remote execution one.
They're replying to the victim blaming mentality of "if you let them then you have bigger problems" in your comment. Not your point about it being less dangerous than remote execution.