Red Hot Cyber

Cyber security, cybercrime, hack news, and more
Search
Crowdstrike

Linux Kernel UAF 0-day Vulnerability on sale in the Dark Web 

RHC Dark Lab : 25 June 2024 20:48

Recently, a security alert shaked the infosec environment: A malicious actor has announced the sale of Use After Free (UAF) 0-day vulnerability affecting the Linux Kernel on the well-known darknet forum BreachForum. The vulnerabilit permits high privileges code execution to low priviliged users, posing a serious threat to affected systems.

Vulnerability Details

The vulnerability author specifies that the vulnerability affects the 6.6.15-amd64 version of the Linux Kernel. UAF occurs when the memory freed previously could be subsequently re-used allowing attackers to execute arbitrary code with High Privileges (Local Privilege Escalation), bypassing OS’s standard secuirty measures

Payment Methods

In the post the exploit author state “selling 0day Use-after free in the Linux Kernel, you can use it to do a Privileged Code Execution ( LPE (Local Privilege Escalation), or execute code with root privileges ), ( Data Leakage )..etc”. The sell price of the vulnerability is fixed to 150.000 USD. The only payment method allowed is exclusively through Monero (XMR) or Bitcoin (BTC) cryptocurrency. The use of cryptocurrency is chosen to ensure transaction’s anonymity.

Supporta Red Hot Cyber attraverso

The Middle Man

The middle-man for the transaction is IntelBroker, a well known malicious actor, making payment easier for a potential buyer. Moreover the use of a trusted middle-man ensure trust and transparency for the involved parties although they still operate anonymously.

Security Consideration

0-day marketplaces poses an important threat to cybersecurity on a global scale. System administrators and infosec professionals needs to be constantly aware and ready to apply security patch as soon as they become accessible to threat actors. The security community must collaborate to identify and mitigate such threats as quickly as possibile.

Conclusion

The uncover of this 0-day Linux Kernel vulnerability highlights once again the importance of computer security and the necessity to be aware from emerging dangers. The technology community must continue to invest in responsive security measures in order to safeguard systems and sensitive data from increasingly sophisticated attacks.

RHC Dark Lab
RHC Dark Lab is a group of experts from the Red Hot Cyber community dedicated to Cyber Threat Intelligence led by Pietro Melillo. Their mission is to spread knowledge about cyber threats to improve the country's awareness and digital defences, involving not only specialists in the field but also ordinary people. The aim is to disseminate Cyber Threat Intelligence concepts to anticipate threats.
Categories
Banner

Editorial board : [email protected]

Facebook Linkedin Youtube Telegram Twitter Pinterest Tumblr
Redhotcyber is an open-news project born from the idea of Massimiliano Brolli in 2019, subsequently expanded into a network of people who collaborate in the dissemination of topics focused on information security, but also on technology and information technology in general, with the aim to disseminate the concepts of cybersecurity to an ever-increasing number of people
The photos and articles on redhotcyber.com were partly taken from the Internet and therefore considered to be in the public domain. If the subjects or authors have something against their publication, they can report it to the editorial staff who will promptly remove them from the site.