


New #CIFSwitch #Linux flaw gives root on multiple distributions

A newly discovered local privilege escalation vulnerability dubbed 'CIFSwitch' in the Linux kernel could allow attackers to forge CIFS authentication key descriptions, abuse the kernel's key request mechanism, and gain root privileges.
A critical local privilege escalation (LPE) vulnerability, dubbed CIFSwitch, has been uncovered in the Linux kernel's CIFS subsystem—and it's been there for 19 years! Discovered by Asim Viladi Oglu Manizada at SpaceX, this flaw allows unprivileged local users to gain root privileges on many Linux distributions. This discovery highlights the persistent challenge of finding deeply embedded…
#cybersecurity #cifswitch #linuxsecurity
🤖 This post was AI-generated.
#CIFSwitch Vulnerability Exposes Some #Linux Distros to Local Root Access
https://linuxiac.com/cifswitch-vulnerability-exposes-some-linux-distros-to-local-root-access/
Linux kernel hardening: analysis of the CIFSwitch LPE vulnerability (CVE-2026-31431)
#LinuxSecurity #KernelVulnerability #CVE202631431 #CIFSwitch #RootExploit #CyberSecurity #SystemAdmin #SMB #DBH_ITSystems #Dominique #Blake-Hofer
SYSTEM_LOG_SECURITY_DEEP_DIVE A deep dive into the kernel structure: we analyze how the CIFSwitch flaw (CVE-2026-31431) compromises the SPNEGO upcall path and gives unprivileged users root access on multi-tenant systems. It is…
With the recent #CIFSwitch #Linux #Kernel #Vulnerability being exposed, the time has come for a rewrite and rethink of some basic Linux internals.
There is no need for a cryptographic authentication to be done by the root user or by a user having CAP_SYS_ADMIN privileges. A separate user with a single cryptographic privilege should suffice. A user incapable of loading shared libraries.
Helpers and services ought not to run as root like it was done for cifs. Rather, a restricted user ought to be used.
https://heyitsas.im/posts/cifswitch/
And another one #Linux #LPE #cifswitch
The #PoC #exploit is at large. The kernel patch is public (vendors are adapting it right now, I guess). No CVE is assigned yet.