Product
high
advisory
CIFSwitch Linux Kernel Local Privilege Escalation Vulnerability
2 rules 1 TTPThe CIFSwitch vulnerability in the Linux kernel allows an unprivileged user to forge CIFS authentication key descriptions, abuse the kernel's key request mechanism, and gain root privileges by loading a malicious NSS module.
Linux Mint +12
privilege-escalation
linux
cifs
kernel
2r
1t
medium
advisory
Leveraging Linux Cgroups for Threat Detection and Investigation
2 rulesThis brief outlines how Linux cgroups, a kernel feature for resource management, can be repurposed to provide valuable telemetry for detecting malicious processes, particularly in systemd, Docker, and Kubernetes environments, aiding in investigations of server compromises.
Red Hat Enterprise Linux +5
linux
cgroups
container
kubernetes
docker
systemd
threat-detection
2r