1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Multiple Linux distros hit by major 'CIFSwitch' flaw that gives a

    From TechnologyDaily@1337:1/100 to All on Monday, June 01, 2026 20:00:27
    Multiple Linux distros hit by major 'CIFSwitch' flaw that gives attackers
    root access

    Date:
    Mon, 01 Jun 2026 18:15:00 +0000

    Description:
    If you're using Linux, make sure you patch up and disable unnecessary file sharing features.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Researcher Asim Viladi Oglu Manizada disclosed CIFSwitch, a Linux privilegeescalation flaw lingering for nearly 20 years Affects major distros including Mint, CentOS Stream 9, Rocky Linux 9, AlmaLinux 9, Kali Linux, SLES 15 SP7 Mitigation includes applying updates, disabling unnecessary filesharing components, and restricting exploitable features Security researchers are warning about a new vulnerability in certain Linux distributions, which can be abused to uplift regular accounts to system administrators.

    The vulnerability was discovered by researcher Asim Viladi Oglu Manizada, who named it CIFSwitch. It affects a feature that allows Linux computers to connect to shared files and folders on other devices across a network. He
    also published a proof-of-concept (PoC) for the bug, which can be found here
    . Manizada says the vulnerability lingered in Linux distributions for almost two decades, and stressed that it can be exploited under certain conditions
    to elevate a users privileges from a standard account to full root access. Latest Videos From Watch full video here: You may like Another major Linux security flaw revealed nine-year old issue could spell disaster for users Another major Linux security flaw revealed 'Dirty Frag' allows root on all major distros, with no patch or fix available yet "Copy Fail" flaw impacts
    all Linux kernels released since 2017 Kernel update Numerous popular Linux distributions were said to be affected, including Mint, CentOS Stream 9,
    Rocky Linux 9, AlmaLinux 9, Kali Linux, and SLES 15 SP7. Other operating systems based on Linux, including some versions of Ubuntu and Debian, were also said to be potentially affected, depending on software packages installed.

    Some distributions are not at risk, including those that lack the affected functionality entirely, and some newer versions that include security protections against this type of attack.

    The vulnerability was fixed through a kernel update, but not all distros are patched just yet. Users are advised to install the latest security updates as soon as they become available. Admins can also disable unnecessary file-sharing components and restrict features that could help attackers exploit the flaw, if they want to be more on the safe side.

    This is the latest in a series of privilege-escalation flaws that were recently discovered in Linux, BleepingComputer reminds. Before CIFSwitch, researchers discovered Copy Fail, Dirty Frag, Fragnesia, DirtyDecrypt, and PinTheft. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    Its also worth mentioning that Manizada used a Large Language Model (LLM) to discover CIFSwitch: A distro-specific Linux LPE found by harnessing LLMs into better multihop knowledge composition, he concluded.

    Via BleepingComputer The best antivirus for all budgets Our top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/multiple-linux-distros-hit-by-major-cif switch-flaw-that-gives-attackers-root-access


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)