THREATOPS
THREAT OPSThreat News › new af_alg exploit in the wild?

new af_alg exploit in the wild?

lowoss_secPublished 2026-07-13

<p>Posted by Bernd Zeimetz on Jul 13</p>Hi oss-sec,<br /> <br /> few hours ago we had a webhost running Debian kernel <br /> 6.12.90+deb13.1-amd64<br /> being compromised using a root exploit.<br /> Unfortunately not with many useful traces left, the only obvious<br /> happening was loading the af_alg module (not used by other modules).<br /> <br /> I know that af_alg is marked as deprecated for 7

Original source: https://seclists.org/oss-sec/2026/q3/130