The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert regarding active exploitation of a critical Linux kernel vulnerability, tracked as CVE-2023-0386, which has now been added to the Known Exploited Vulnerabilities (KEV) Catalog.
This flaw, rooted in the OverlayFS subsystem of the Linux kernel, allows local users to escalate privileges and potentially gain root-level access on affected systems—a scenario that poses significant risks to both enterprise and cloud environments.
https://gbhackers.com/cisa-alerts-to-ac ... erability/