Your Followed Topics

Top 1 cisa News Today

#1
CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
#1 out of 199.07%
technology3h ago

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

https://thehackernews.com/2026/05/cisa-adds-actively-exploited-linux-root.html
Thehackernews.com
  • CISA added CVE-2026-31431 to KEV after confirming active exploitation in the wild.
  • The flaw, CVE-2026-31431, enables local privilege escalation to root on Linux systems.
  • Experts say the attack works by corrupting the kernel page cache to alter binaries at runtime.
  • The vulnerability affects Linux distributions shipped since 2017 and can be exploited locally with low privileges.
  • Kaspersky notes the issue poses a risk to container environments like Docker and Kubernetes.
  • A working PoC is available, with Go and Rust variants detected in repositories.
  • Feds urge patching by May 15, 2026, to mitigate the risk in federal and civilian systems.
  • If patching is not possible, users should disable affected features and apply network controls.
  • CISA warns the attack becomes more dangerous when chained with SSH or compromised CI jobs.
  • CISA said the attack uses legitimate system calls, making detection hard.
Vote 0
0

Explore Your Interests

Unlimited Access
Personalized Feed
Full Experience
or
By continuing, you agree to the Privacy Policy.. You also agree to receive our newsletters, you can opt-out any time.

Explore Your Interests

Create an account and enjoy content that interests you with your personalized feed

Unlimited Access
Personalized Feed
Full Experience
or
By continuing, you agree to the Privacy Policy.. You also agree to receive our newsletters, you can opt-out any time.

Advertisement

Advertisement