A local malicious user can circumvent the Falco detection engine through 0.28.1 by running a program that alters arguments of system calls being executed. Issue is fixed in Falco versions >= 0.29.1.
Add your gear to cvedb and we'll alert you only when falco ships something exploited.
Check my exposure →This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.