19-Year-Old Linux Kernel Vulnerability Allows Root Access on Multiple Distributions
A critical vulnerability, known as CIFSwitch, has been discovered in the Linux kernel, affecting its CIFS subsystem and the cifs-utils userspace helper. This flaw, which has existed for 19 years, enables low-privileged users to escalate their privileges to root on various Linux distributions. The vulnerability arises from the kernel's failure to verify the origin of request_key calls, allowing attackers to manipulate key description fields and gain unauthorized root access. The issue impacts several Linux distributions, including Linux Mint, CentOS, Rocky Linux, and others, particularly those with cifs-utils installed by default. Security engineer Asim Viladi Oglu Manizada has highlighted the need for user-space hardening and proper validation of key descriptions to mitigate this vulnerability. Major Linux distributions have already released patches to address the defect.
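As an added illustration of the key-description validation mentioned above (not code from cifs-utils, the kernel, or the researcher), this C example applies a strict allowlist to a semicolon-separated description: unknown, duplicated, malformed or missing fields are rejected rather than repaired. The field names are assumed from the kernel's cifs.spnego description format, and the per-field character rules and the name `desc_valid` are this example's own; syntax checks like this do not by themselves establish that the kernel originated the request.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Field names assumed from the kernel's cifs.spnego description; value rules are this example's policy. */
enum kind { HEX, ADDR, SEC, NAME };
static const struct { const char *key; enum kind kind; bool required; } FIELDS[] = {
    {"ip4", ADDR, false}, {"ip6", ADDR, false}, {"ver", HEX, true},
    {"host", NAME, true}, {"sec", SEC, true}, {"uid", HEX, true},
    {"creduid", HEX, true}, {"user", NAME, false}, {"pid", HEX, true},
};
#define NFIELDS (sizeof(FIELDS) / sizeof(FIELDS[0]))

static bool value_ok(enum kind k, const char *v, size_t n) {
    if (k == SEC) return (n == 4 && !memcmp(v, "krb5", 4)) || (n == 6 && !memcmp(v, "mskrb5", 6));
    if (n == 0 || n > 255 || (k == HEX && (n < 3 || n > 10 || memcmp(v, "0x", 2)))) return false;
    for (size_t i = (k == HEX) ? 2 : 0; i < n; i++) {
        unsigned char c = (unsigned char)v[i];
        if ((k == HEX) ? !isxdigit(c) : (k == ADDR) ? !(isxdigit(c) || c == '.' || c == ':')
                       : !(isalnum(c) || c == '.' || c == '-' || c == '_')) return false;
    }
    return true;
}

/* True only if every field is known, unique and well formed, and all required fields are present. */
bool desc_valid(const char *desc) {
    bool seen[NFIELDS] = {false};
    size_t f, tok, klen;
    for (const char *p = desc;; p += tok + 1) {
        tok = strcspn(p, ";");
        const char *eq = memchr(p, '=', tok);
        if (!eq) return false;               /* empty token or no '=' (also catches a trailing ';') */
        klen = (size_t)(eq - p);
        for (f = 0; f < NFIELDS; f++)
            if (strlen(FIELDS[f].key) == klen && !memcmp(FIELDS[f].key, p, klen)) break;
        if (f == NFIELDS || seen[f] || !value_ok(FIELDS[f].kind, eq + 1, tok - klen - 1)) return false;
        seen[f] = true;
        if (p[tok] == '\0') break;
    }
    for (f = 0; f < NFIELDS; f++)
        if (FIELDS[f].required && !seen[f]) return false;
    return seen[0] != seen[1];               /* exactly one of ip4 / ip6 */
}

int main(void) { /* constructed sample description, not captured from a real system */
    puts(desc_valid("ver=0x2;host=fs01.example.test;ip4=192.0.2.10;sec=krb5;"
                    "uid=0x3e8;creduid=0x3e8;user=alice;pid=0x4d2") ? "accept" : "reject");
    return 0;
}
```

A real helper would take its field set from the kernel version it ships against; the point here is the reject-by-default structure.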