A newly discovered vulnerability, CVE-2024-53141, in the Linux kernel’s IP sets framework has exposed a critical security flaw that allows local attackers to escalate privileges and potentially gain root access.

The vulnerability, assigned a CVSS score of 7.8, uncovered by researchers st424204 and d4em0n, specifically affects the bitmap:ip set type within the netfilter subsystem.