This vulnerability, hidden within the netfilter: nf_tables component, allows local attackers to escalate their privileges and potentially deploy ransomware, which could severely disrupt enterprise systems worldwide.
This vulnerability, hidden within the netfilter: nf_tables component, allows local attackers to escalate their privileges and potentially deploy ransomware, which could severely disrupt enterprise systems worldwide.
Local attacker? So on your LAN
The (ssh) call it coming from inside the 127.0.0.1!!
(Scoot over, I need the keeb.)
You need to be able to run code on the system that has the bug. The bug is in the netfilter component, in how it’s managed on that system, not in the actual traffic flows.
So a non issue unless somebody has physical access to the machine?
Unfortunately, it’s not that simple, because attacks often involve “exploit chains”. In this case, an attacker would use a different vulnerability to gain code execution capability, and then use that capability to exploit this vulnerability.
Update your systems, folks.
Understood
No. They just have to be able to place exploit code onto your machine and have it run.
If they can place exploit code on my machine, I think its already game over, regardless of that bug
Not necessarily, if you follow proper hosting etiquette, then even if they break in they should only be a standard user and have no access to the rest of your system. But most self hosters just run everything as root as it’s less of a hassle.
I guess I was thinking of the many Linux users I have encountered that sets same user and root password, or has sudo as passwordless. SMH
Not directly, but as other comment has mentioned, it reduces the overall security posture because it could be combined with other flaws known and unknown.
Yeah, less vectors are better