Linux kernel netfilter:nf_tables use-after-free privilege escalation (CVE-2024-1086)
Vulnerability
Summary
Hide ▲
Show ▼
The Linux kernel netfilter:nf_tables use-after-free flaw CVE-2024-1086 is being exploited in ransomware attacks, putting affected Linux systems at risk of root-level compromise. The weakness was disclosed on January 31, 2024 and fixed by a January 2024 commit. A late-March PoC exploit showed local privilege escalation on Linux 5.14 to 6.6. CISA later added the flaw to the KEV catalog and ordered federal agencies to remediate it by June 20, 2024.
Related Happenings
Linux kernel Dirty Frag local root escalation privilege-escalation flaw
Vulnerability
First: 08.05.2026 10:45
Last: 08.05.2026 10:45
Sources 1
About this happening:
**Dirty Frag** is a newly disclosed **Linux kernel** zero-day that can give **local attackers root privileges** on **most major Linux distributions**. The flaw is anchored in the...
Linux kernel Dirty Frag local root escalation privilege-escalation flaw
VulnerabilityAbout this happening: **Dirty Frag** is a newly disclosed **Linux kernel** zero-day that can give **local attackers root privileges** on **most major Linux distributions**. The flaw is anchored in the...
Linux kernel Dirty Frag blocklist mitigation
Advisory/Mitigation
First: 08.05.2026 08:12
Last: 08.05.2026 08:12
Sources 1
About this happening:
**CloudLinx** and Linux distribution advisories now recommend blocklisting **esp4**, **esp6**, and **rxrpc** to reduce exposure to the **Dirty Frag** Linux kernel **LPE** while pa...
Linux kernel Dirty Frag blocklist mitigation
Advisory/MitigationAbout this happening: **CloudLinx** and Linux distribution advisories now recommend blocklisting **esp4**, **esp6**, and **rxrpc** to reduce exposure to the **Dirty Frag** Linux kernel **LPE** while pa...
CISA KEV action for CVE-2026-31431 and FCEB remediation
Public Sector Action
First: 03.05.2026 09:26
Last: 03.05.2026 09:26
Sources 1
About this happening:
CISA added **CVE-2026-31431** to its **KEV catalog**, putting **Federal Civilian Executive Branch (FCEB)** agencies on notice to remediate an actively exploited Linux privilege-es...
CISA KEV action for CVE-2026-31431 and FCEB remediation
Public Sector ActionAbout this happening: CISA added **CVE-2026-31431** to its **KEV catalog**, putting **Federal Civilian Executive Branch (FCEB)** agencies on notice to remediate an actively exploited Linux privilege-es...
Linux distributions mitigation advisories for CVE-2026-31431
Advisory/Mitigation
First: 30.04.2026 12:24
Last: 30.04.2026 12:24
Sources 1
About this happening:
Multiple **Linux distributions** released advisories for **CVE-2026-31431**, adding mitigation guidance for a **Linux kernel local privilege escalation** that can let an unprivile...
Linux distributions mitigation advisories for CVE-2026-31431
Advisory/MitigationAbout this happening: Multiple **Linux distributions** released advisories for **CVE-2026-31431**, adding mitigation guidance for a **Linux kernel local privilege escalation** that can let an unprivile...
CISA KEV listing for Wing FTP CVE-2025-47813
Public Sector Action
First: 17.03.2026 07:23
Last: 17.03.2026 07:23
Sources 1
About this happening:
CISA added **CVE-2025-47813** in **Wing FTP Server** to the **KEV catalog** after evidence of **active exploitation**, putting the flaw under formal government tracking. The listi...
CISA KEV listing for Wing FTP CVE-2025-47813
Public Sector ActionAbout this happening: CISA added **CVE-2025-47813** in **Wing FTP Server** to the **KEV catalog** after evidence of **active exploitation**, putting the flaw under formal government tracking. The listi...
Timeline
-
31.10.2025 15:05 2 articles · 6mo ago
Initial report: Linux kernel netfilter:nf_tables use-after-free privilege escalation (CVE-2024-1086)
Initial DisclosureBy **January 31, 2024**, **CVE-2024-1086** was disclosed as a **use-after-free** in **Linux kernel netfilter:nf_tables** and fixed in a January commit. In late March, a **PoC exploit** showed local privilege escalation on **Linux 5.14 to 6.6**.
Show sources
- CISA: High-severity Linux flaw now exploited by ransomware gangs — www.bleepingcomputer.com — 31.10.2025 15:05
- CISA: High-severity Linux flaw now exploited by ransomware gangs — www.bleepingcomputer.com — 31.10.2025 15:05