New Linux CIFSwitch Kernel Vulnerability Allows Attackers to Gain Root Access

A newly disclosed Linux local privilege escalation (LPE) vulnerability dubbed “CIFSwitch” enables low-privileged users to gain root access by abusing a logic flaw between the Linux kernel CIFS client and the userspace cifs-utils package. The bug was discovered by security researcher Asim Manizada, who has published a detailed technical write-up and PoC to help defenders assess their exposure […] The post New Linux CIFSwitch Kernel Vulnerability Allows Attackers to Gain Root Access appeared first on Cyber Security News.