CISA Alerts to Widespread Linux Kernel Privilege Escalation Vulnerabilities
The U.S. CISA has issued a warning about an actively exploited privilege escalation vulnerability in the Linux kernel (CVE-2023-0386), which allows local users to gain root access by exploiting an improper ownership management bug in OverlayFS. Although patched earlier in 2023, the flaw is being exploited in the wild, and federal agencies are required to apply patches by July 8, 2025.