U.S. CISA adds a flaw in Linux Kernel to its Known Exploited Vulnerabilities catalog
ATT&CK techniques detected
T1068Exploitation for Privilege Escalation
84%
“process repeats until enough shellcode is injected into the cached binary. finally, the attacker runs execve ( " / usr / bin / su " ). the kernel loads the modified version from the page cache instead of disk. since su runs with setuid - root privileges, the injected code execute…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1068Exploitation for Privilege Escalation
38%
“##thencesn design, af _ alg support, and a 2017 in - place optimization, creating a long - hidden but critical vulnerability. the exploit targets / usr / bin / su, a common setuid - root binary on linux systems. first, the attacker opens an af _ alg socket and binds it to the vul…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Linux Kernel to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in the Linux Kernel, tracked as CVE-2026-31431 (CVSS score of 7.8), to its Known Exploited Vulnerabilities (KEV) catalog. Recently, Xint Code researchers warned of a serious Linux […]