Whatever operating system we use, it is worth keeping it fully up to date. Make no mistake, this does not mean you must use one that ships the latest packages. Some distributions use slightly older software and take responsibility for applying patches themselves, backporting everything important. One example is the kernel, which this week received a major patch for Linux versions ranging from 6.1 to 6.5.
Right now, Linux 6.5 has not even seen its first Release Candidate published, but its changes already include a patch that fixes a vulnerability disclosed under the name StackRot. StackRot is a privilege escalation vulnerability in Linux that had not been talked about until a few hours ago. It affects Linux 6.1 and later, so the kernel maintainers released the patch without making much noise. The versions that arrived last week are not affected.
Upgrade your Linux 6.1+ when possible
StackRot does its tricks inside the memory management code and is therefore exposed across a wide range of affected kernel configurations. The worst part is that the vulnerability has existed since September 2022, when the VMA tree was moved to the Maple Tree structure. The versions that fix the bug are Linux 6.1.137, 6.3.11, 6.4.1 and the 6.5 that is now receiving requests. Linux 6.2 is no longer supported, so it is not listed.
In most cases, Linux distributions will push new kernel versions or apply their own patches based on those of the official versions. Those who have installed the kernel on their own should update as soon as possible.
WTF?! Has it existed since September 2023 when we are in July 2023? It must be the work of the Reverse Flash, alias Ezra Miller...