Recent Posts

11
For those running CentOS Stream 9, this is a Major Vulnerability.


New CentOS 9 Vulnerability Allows Attackers to Escalate Privileges to Root
Cyber Press ®
See: https://www.linkedin.com/pulse/new-centos-9-vulnerability-allows-attackers-escalate-privileges-a8xnc/


A newly identified privilege escalation flaw in CentOS Stream 9 has triggered significant security concerns within the Linux community.

The vulnerability, originating from a Use-After-Free (UAF) condition in the Linux kernel’s networking subsystem, allows a local user to escalate privileges to root.

The issue was spotlighted at the TyphoonPWN 2025 hacking competition, where it won first place in the Linux category.

Adding urgency, a Proof-of-Concept (PoC) exploit has been publicly released, enabling attackers to achieve full system compromise on vulnerable installations reliably.

Code:
static s32 cake_enqueue(struct sk_buff *skb, struct Qdisc *sch,
            struct sk_buff **to_free)
{
    // ...
    if (q->buffer_used > q->buffer_limit) {                 // [1] Check buffer limit
        u32 dropped = 0;
        while (q->buffer_used > q->buffer_limit) {
            dropped++;
            cake_drop(sch, to_free);                        // [2] Packet is DROPPED here
        }
        b->drop_overlimit += dropped;
    }
    return NET_XMIT_SUCCESS;                                // [!] Returns SUCCESS anyway
}

Root Cause in CAKE Scheduler

The flaw exists in the sch_cake (Common Applications Kept Enhanced) packet scheduler, a component responsible for managing network traffic shaping in the kernel.

The issue specifically lies in the cake_enqueue() function, which mishandles return codes during packet drops.

Under buffer pressure, CAKE discards packets using cake_drop(), yet incorrectly returns NET_XMIT_SUCCESS, indicating to upper layers that the packet was successfully queued.
12
CSF Firewall / Re: Should we update CSF to V15??
« Last post by kalybg on February 09, 2026, 07:38:42 AM »
OK .... Thank you
13
CSF Firewall / Re: Should we update CSF to V15??
« Last post by Starburst on February 06, 2026, 02:19:35 PM »
They are 2 separate CSF forks.

Hence all the forks have different version numbers now, not a universal one.

Some could use the last CSF v15.00 code, call it CSF2 with v1.0

If you want to switch to the Sentinel fork, you can.
But from what I read it's aimed more at cPanel.
It also doesn't have the support like the Aetherinox fork does.

But it's all personal preference at this time.
14
CSF Firewall / Re: Should we update CSF to V15??
« Last post by kalybg on February 06, 2026, 09:31:00 AM »
Hello,
I updated CSF Firewall – to v15.08 using these instructions - https://starburst.help/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/aetherinox-csf-firewall-update-to-v15-08/

I want to ask if it is possible to update to version 15.11 using this source - https://sentinelfirewall.org/docs/upgrade-from-csf/

Greetings,
15
CentOS 9 Problems / Re: mysql update
« Last post by zeejdeej on February 05, 2026, 10:53:18 PM »
thanks for the help highly appreciated.
17
CentOS 9 Problems / mysql update
« Last post by zeejdeej on February 05, 2026, 10:30:15 PM »
hello,

mysql is not updating in almalinux 9.7 automatically from cwp panel? how to get mysql updates automatically within cwp panel?

Regards,

Zee
18
CentOS 9 Problems / Re: ClamAV issue in user panel
« Last post by Starburst on February 05, 2026, 12:23:49 PM »
With AlmaLinux 9, things have to be installed in a certain way.
Including ClamAV.

If not, they will not work.

There is an old install guide running around the forums on the proper way to install AlmaLinux 9 and CWP.
19
PHP / how to install and configure relay extension for php-fpm83 in cwp
« Last post by zeejdeej on February 05, 2026, 11:33:25 AM »
hello,

can someone guide me how to install and configure relay extension for php-fpm83 in cwp for redis cache server. i have already installed redis cache server and it's working perfectly fine. just want to install and configure relay extension with the prerequisites json, igbinary, and msgpack.

i can't find these extensions in the php-fpm selector options.

Regards,

Zee
20
CentOS 9 Problems / Re: ClamAV issue in user panel
« Last post by zeejdeej on February 04, 2026, 04:01:27 PM »
is there a work around now to fix this issue without re-installing complete cwp again ?