Microsoft Discovers New Privilege Escalation Flaws in Linux Operating System

Fallas de escalada de privilegios en Linux News

Microsoft disclosed Tuesday a pair of privilege escalation flaws in Linux that could allow attackers to execute a variety of criminal activities.

Collectively called “Nimbuspwn,” the flaws “can be chained together to gain root privileges on Linux systems, allowing attackers to deploy payloads, like a root backdoor, and perform other malicious actions via arbitrary root code execution,” Jonathan Bar Or of the Microsoft 365 Defender Research Team said in a report.

On top of that, the defects — tracked as CVE-2022-29799 and CVE-2022-29800 — could also be weaponized as a vector for root access to deploy more sophisticated threats such as ransomware.

The vulnerabilities are rooted in a systemd component called networkd-dispatcher, a daemon program for the network manager system service that’s designed to dispatch network status changes.

Privilege Escalation Flaws in Linux

Specifically, they relate to a combination of directory traversal (CVE-2022-29799), symbolic link (aka symlink) race, and time-of-check to time-of-use (CVE-2022-29800) flaws, leading to a scenario where an adversary in control of a rogue D-Bus service can plant and execute malicious backdoors on the compromised endpoints.

Users of networked-dispatcher should update to the most recent version in order to avoid potential exploiting flaws.

” The increasing number of Linux-based vulnerabilities emphasizes the importance of strong monitoring of its operating system and components,” Bar Or stated.

” This constant stream of attacks across a variety of devices and platforms highlights the importance of a proactive and comprehensive vulnerability management strategy that can identify and mitigate any previously undiscovered exploits or issues. “

Rate author