CISA: Actively exploited Linux kernel flaw requires immediate remediation

Ongoing limited, targeted attacks leveraging the high-severity Linux kernel flaw, tracked as CVE-2024-53104, have prompted the Cybersecurity and Infrastructure Security Agency to urge federal agencies to address vulnerable Linux and Android devices by Feb. 26, BleepingComputer reports.

Such a vulnerability — which stems from a USB Video Class driver out-of-bounds write issue that could be exploited for privilege escalation — may have been used by forensic data extraction tools, according to the GrapheneOS development team. Moreover, CISA warned that security flaws impacting the Linux kernel are prime targets for cyberattacks and pose significant risks to federal networks. Such a development comes after the inclusion of high- and critical severity Microsoft .NET Framework and Apache OFBiz flaw in CISA's Known Exploited Vulnerabilities catalog earlier this week, as well as the release of Five Eyes network edge device security guidelines urging manufacturers to improve forensic visibility in network edge devices to enhance attack detection and response.