suspicious message

I just received this message, is it correct?

the message is from you (knownhost support)


`Hello,We are reaching out to you today to inform you of steps we are taking to patch your system for CVE-2024-1086. https://nvd.nist.gov/vuln/detail/CVE-2024-1086This exploit can be used to allow unprivileged users to obtain root access on your server. As a result this is quite a severe exploit and we are taking steps to proactively patch it. We will be updating the kernel on your system, and if compatible, applying a live kernel patch. A reboot may be required and we will let you know if this is the case.This ticket is to track the progress of our team and we will update you shortly if any further action is required.`

`Hello,It seems passwordless access is not enabled for your server as such we would need your root password to proceed with this.----------Constantinos C.KnownHost, LLC`
 
This would be a legitimate message from our Support department, it's a very serious exploit.
Jonathan, if one has not received such a message, is it safe to assume that one's kernel has already been patched, or that we are on an Alma release that's already patched?

Maybe best not to send out this kind of alert on April Fools' Day? ;-)
 
Top