- Researcher Asim Viladi Oglu Manizada disclosed CIFSwitch, a Linux privilege‑escalation flaw lingering for nearly 20 years
- Affects major distros including Mint, CentOS Stream 9, Rocky Linux 9, AlmaLinux 9, Kali Linux, SLES 15 SP7
- Mitigation includes applying updates, disabling unnecessary file‑sharing components, and restricting exploitable features
Security researchers are warning about a new vulnerability in certain Linux distributions, which can be abused to uplift regular accounts to system administrators.
The vulnerability was discovered by researcher Asim Viladi Oglu Manizada, who named it “CIFSwitch”. It affects a feature that allows Linux computers to connect to shared files and folders on other devices across a network. He also published a proof-of-concept (PoC) for the bug, which can be found here.
Manizada says the vulnerability lingered in Linux distributions for almost two decades, and stressed that it can be exploited under certain conditions to elevate a user’s privileges from a standard account to full root access.
Kernel update
Numerous popular Linux distributions were said to be affected, including Mint, CentOS Stream 9, Rocky Linux 9, AlmaLinux 9, Kali Linux, and SLES 15 SP7. Other operating systems based on Linux, including some versions of Ubuntu and Debian, were also said to be potentially affected, depending on software packages installed.
Some distributions are not at risk, including those that lack the affected functionality entirely, and some newer versions that include security protections against this type of attack.
The vulnerability was fixed through a kernel update, but not all distros are patched just yet. Users are advised to install the latest security updates as soon as they become available. Admins can also disable unnecessary file-sharing components and restrict features that could help attackers exploit the flaw, if they want to be more on the safe side.
This is the latest in a series of privilege-escalation flaws that were recently discovered in Linux, BleepingComputer reminds. Before CIFSwitch, researchers discovered Copy Fail, Dirty Frag, Fragnesia, DirtyDecrypt, and PinTheft.
It’s also worth mentioning that Manizada used a Large Language Model (LLM) to discover CIFSwitch: “A distro-specific Linux LPE found by harnessing LLMs into better multihop knowledge composition,” he concluded.
Via BleepingComputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
https://cdn.mos.cms.futurecdn.net/24LpHRooWcSEnJiNmUBoBK-2560-80.jpg
Source link
