40% of Ubuntu users vulnerable to new privilege elevation flaws

by | Jul 28, 2023 | News

40% of Ubuntu users vulnerable to new privilege elevation flaws

Post Views: 941

Premium Content

Patreon

Subscribe to Patreon to watch this episode.

Reading Time: 3 Minutes

Two recently discovered Linux vulnerabilities have raised concerns for Ubuntu users, potentially granting unprivileged local users elevated privileges on a massive number of devices. Ubuntu, a widely used Linux distribution with a significant user base of over 40 million, faces the impact of CVE-2023-32629 and CVE-2023-2640, identified by researchers from Wiz.

CVE-2023-2640 is a high-severity vulnerability in the Ubuntu Linux kernel, allowing a local attacker to gain elevated privileges due to inadequate permission checks. On the other hand, CVE-2023-32629, a medium-severity flaw in the Linux kernel memory management subsystem, enables a local attacker to execute arbitrary code through a race condition when accessing VMAs, leading to use-after-free.

The root of these issues lies in discrepancies during the implementation of the OverlayFS module into the Linux kernel. OverlayFS, known for its union mount filesystem, has been targeted by threat actors in the past due to unprivileged access via user namespaces and exploitable bugs. In 2018, Ubuntu implemented custom changes to the OverlayFS module, which were considered safe.

See Also: So you want to be a hacker?
Offensive Security, Bug Bounty Courses

However, subsequent modifications made by the Linux kernel project in 2019 and 2022 caused conflicts with Ubuntu’s changes, leading to the introduction of the two vulnerabilities in the recent widespread distribution.

The severity of the situation is further aggravated by the fact that weaponized exploits for these flaws are already publicly available, as old exploits for past OverlayFS vulnerabilities work seamlessly without any alterations.

It’s important to note that only Ubuntu is affected by these highlighted flaws, and other Linux distributions, including Ubuntu forks, not using custom modifications of the OverlayFS module remain safe.

Trending: Unlocking Windows System Resource Utilization for Digital Forensics Analysis with SRUM Dump

Trending: Digital Forensics Tool: ScrapPy

Ubuntu has issued a security bulletin addressing the issues along with six additional vulnerabilities in the latest version of the Ubuntu Linux kernel. Fixing updates are readily available for users, and those unfamiliar with the process are encouraged to perform the update via their package manager, ensuring all dependencies and post-install configurations are handled. A system reboot is necessary after installing the updates to implement the Linux kernel updates effectively on Ubuntu.

Trending: WormGPT: Unleashing the Dark Side of Generative AI for Cybercrime

Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?

If you want to express your idea in an article contact us here for a quote: [email protected]

Source: bleepingcomputer.com

Source Link

Merch

Recent News

EXPLORE OUR STORE

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!

Information Security Solutions

Find out how Pentesting Services can help you.

Join our Community

Share This