CISA: Urgent patching needed for actively exploited Linux kernel flaw

SecurityWeek reports that federal agencies have been ordered by the Cybersecurity and Infrastructure Security Agency to remediate within three weeks a Linux kernel bug, tracked as CVE-2021-3493, which has been added to the agency's Known Exploited Vulnerabilities Catalog following active exploitation by the new stealthy Linux malware Shikitega. Linux-based IoT devices and endpoints have been targeted by the Shikitega malware, which abuses CVE-2021-3493 and CVE-2021-4034, also known as PwnKit, to facilitate privilege escalation. However, only Ubuntu has so far been observed to be impacted by the Linux kernel vulnerability. Despite requiring only federal agencies to apply patches for the flaw until Nov. 10, the CISA has urged all organizations across the U.S. immediately address the vulnerability and other bugs included in its KEV catalog. CISA has also updated its KEV catalog to include a recent flaw impacting Zimbra systems, which has only been addressed following active exploitation by threat actors.