Jump to content
  • Sign Up
×
×
  • Create New...

Microsoft Discovers Linux Vulnerabilities That Could Allow Attackers to Gain Root Access


Recommended Posts

  • Diamond Member

This is the hidden content, please
Discovers Linux Vulnerabilities That Could Allow Attackers to Gain Root Access

This is the hidden content, please
has revealed that it discovered a list of vulnerabilities that could allow bad actors to gain root system rights on Linux systems. Collectively called Nimbuspwn, the vulnerabilities could potentially be leveraged by attackers as a vector for root access by more sophisticated threats including malware and ransomware, the software giant said. The security flaws exist in a system component that is widely available on Linux distributions. Fixes for the reported vulnerabilities have been deployed by the maintainer of the component.

In a

This is the hidden content, please
,
This is the hidden content, please
said that the vulnerabilities discovered by the
This is the hidden content, please
365 Defender Research team could be grouped together to gain root privileges on Linux systems and allow attackers to ******** ransomware attacks or malicious actions using arbitrary code.

The vulnerabilities, tracked as CVE-2022-29799 and CVE-2022-29800, were found in the component called networkd-dispatcher, which helps provide network status updates. It runs as root when a system starts to dispatch network status changes and run scripts to respond to a new network status.

However, it was discovered that the system component included a method “_run_hooks_for_state” that allows hackers to gain access to the “/etc/networkd-dispatcher” base directory. The method essentially exposes the Linux system to the directory traversal vulnerability, which is identified as CVE-2022-29799, by not sanitising the OperationalState or the AdministrativeState, according to the

This is the hidden content, please
researchers.

The same method is also found to have the Time-of-check-time-of-use (TOCTOU) race condition flaw, which is tracked as CVE-2022-29800. This particular flaw allows attackers to replace scripts that networkd-dispatcher believes to be owned by root with the ones that contain malicious code, the researchers said.

An attacker may use multiple malicious scripts one after another to exploit the vulnerability.

This is the hidden content, please
researchers shared a proof-of-concept where they highlighted that in three attempts, they were able to win the race condition flaw and successfully plant their files.

As ArsTechnica

This is the hidden content, please
, a hacker with minimal access to a vulnerable system can exploit the reported vulnerabilities to gain full root access.

This is the hidden content, please
Principal Security Researcher Jonathan Bar Or told Gadgets 360 that the flaws have been fixed in the latest version of network-dispatcher. Users will be able to find the new version in a systemd update on their Linux machines. Otherwise, they can deploy the patches by manually install the latest network-dispatcher build.

Users can determine the existence of the vulnerabilities on their systems by using the details shared by

This is the hidden content, please
researchers. If the machines are vulnerable, it is highly recommended to look for the fixes.


Affiliate links may be automatically generated – see our ethics statement for details.



This is the hidden content, please

This is the hidden content, please
linux vulnerabilities nimbuspwn security issues root access linux,
This is the hidden content, please
,nimbuspwn,linux vulnerabilities,
This is the hidden content, please
365 defender
#
This is the hidden content, please
#Discovers #Linux #Vulnerabilities #Attackers #Gain #Root #Access

This is the hidden content, please

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Vote for the server

    To vote for this server you must login.

    Jim Carrey Flirting GIF

  • Recently Browsing   0 members

    • No registered users viewing this page.

Important Information

Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.