all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ZDI-23-900: (Pwn2Own) Linux Kernel nftables Incorrect Pointer Scaling Local Privilege Escalation Vulnerability

Add to bookmarks
July 6, 2023, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

attackers code escalation exploit kernel linux linux kernel local local privilege escalation low nftables order privilege privileged privilege escalation privileges pwn2own scaling system target vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-454: SolarWinds Access Rights Manager Hard-Coded Credentials Authentication Bypass Vulnerability 2 days, 5 hours ago | www.zerodayinitiative.com
access access rights attackers authentication +18
ZDI-24-456: NI FlexLogger FLXPROJ File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability 2 days, 5 hours ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +15
ZDI-24-455: SolarWinds Access Rights Manager JsonSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability 2 days, 5 hours ago | www.zerodayinitiative.com
access access rights arbitrary code attackers +20
ZDI-24-450: (0Day) D-Link D-View execMonitorScript Exposed Dangerous Method Remote Code Execution Vulnerability 3 days, 5 hours ago | www.zerodayinitiative.com
0day arbitrary code attackers authentication +14
ZDI-24-449: (0Day) D-Link D-View queryDeviceCustomMonitorResult Exposed Dangerous Method Remote Code Execution Vulnerability 3 days, 5 hours ago | www.zerodayinitiative.com
0day arbitrary code attackers authentication +14
ZDI-24-448: (0Day) D-Link D-View executeWmicCmd Command Injection Remote Code Execution Vulnerability 3 days, 5 hours ago | www.zerodayinitiative.com
0day arbitrary code attackers authentication +16
ZDI-24-447: (0Day) D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability 3 days, 5 hours ago | www.zerodayinitiative.com
0day attackers authentication authentication bypass +12
ZDI-24-446: (0Day) D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability 3 days, 5 hours ago | www.zerodayinitiative.com
0day arbitrary code attackers authentication +17
ZDI-24-445: (0Day) D-Link DIR-3040 prog.cgi websSecurityHandler Memory Leak Denial-of-Service Vulnerability 3 days, 5 hours ago | www.zerodayinitiative.com
0day attackers authentication cgi +13

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Information System Security Engineer 2

@ Wyetech | Annapolis Junction, Maryland
View on infosec-jobs.com

Staff Vulnerability/Configuration Management Security Engineer

@ ServiceNow | Hyderabad, India
View on infosec-jobs.com

Security Engineer

@ AXS | London, England, UK
View on infosec-jobs.com