CISA KEV remediation order for CVE-2024-1086
Public Sector Action
Summary
CISA added CVE-2024-1086 to the Known Exploited Vulnerabilities (KEV) catalog and ordered federal agencies to secure their systems by June 20, 2024, forcing urgent remediation of an actively exploited Linux kernel flaw. The directive covers a privilege-escalation weakness that can yield root-level access on affected systems. The action raises the urgency for federal defenders because exploitation is already tied to ransomware attacks.
Related Happenings
Linux kernel CIFS subsystem CIFSwitch local privilege-escalation flaw
Vulnerability
First: 30.05.2026 17:16
Last: 30.05.2026 17:16
Sources 1
About this happening:
The **Linux kernel CIFS subsystem** has a disclosed **CIFSwitch** local privilege-escalation flaw that can let an **unprivileged local attacker** reach **root privileges** by abus...
Latest development: 01.06.2026 14:19
Major Linux distributions rolled out fixes for the CIFSwitch Linux kernel CIFS privilege-escalation flaw, and Manizada published PoC code to help defenders validate patches, mitigations, detections, and exposure. Linux Mint, CentOS, Rocky Linux, Kali Linux, AlmaLinux, and SLES SAP systems that ship cifs-utils by default are vulnerable, and some distros are vulnerable only if cifs-utils was manually installed.
CISA KEV order for Copy Fail on federal Linux devices
Public Sector Action
First: 08.05.2026 10:45
Last: 08.05.2026 10:45
Sources 1
About this happening:
**CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...
CISA KEV action for CVE-2026-31431 and FCEB remediation
Public Sector Action
First: 03.05.2026 09:26
Last: 03.05.2026 09:26
Sources 1
About this happening:
CISA added **CVE-2026-31431** to its **KEV catalog**, putting **Federal Civilian Executive Branch (FCEB)** agencies on notice to remediate an actively exploited Linux privilege-es...
CISA KEV directive for CVE-2026-20133
Public Sector Action
First: 21.04.2026 15:30
Last: 21.04.2026 15:30
Sources 1
About this happening:
On **Monday, April 21, 2026**, **CISA** added **CVE-2026-20133** to the **KEV Catalog** and ordered **FCEB agencies** to secure their networks by **Friday, April 24**. The directi...
CISA KEV listing and FCEB ActiveMQ patch order
Public Sector Action
First: 17.04.2026 12:30
Last: 17.04.2026 12:30
Sources 1
About this happening:
**CISA** added **CVE-2026-34197** to the **KEV Catalog** and ordered **FCEB** agencies to patch **Apache ActiveMQ** servers within **two weeks**. The directive sets a hard **April...
Timeline
- 31.10.2025 15:05 · 2 articles · 7mo ago
CISA orders federal agencies to secure systems against CVE-2024-1086 by June 20, 2024
Legal Policy Action Update
CISA added CVE-2024-1086, a Linux kernel use-after-free flaw in netfilter: nf_tables, to its Known Exploited Vulnerabilities (KEV) catalog in May 2024 and directed federal agencies to secure their systems by June 20, 2024 because the flaw was being used in ransomware attacks.
- CISA: High-severity Linux flaw now exploited by ransomware gangs — www.bleepingcomputer.com — 31.10.2025 15:05
- 31.10.2025 15:05 · 1 article · 7mo ago
CISA confirms CVE-2024-1086 is being exploited in ransomware attacks
Initial Disclosure
CISA confirmed that CVE-2024-1086, a high-severity Linux kernel privilege-escalation flaw, is now being exploited in ransomware attacks, meaning local attackers can potentially gain root-level access on affected systems.
- CISA: High-severity Linux flaw now exploited by ransomware gangs — www.bleepingcomputer.com — 31.10.2025 15:05