dEEpEst Posted July 29, 2023 Share Posted July 29, 2023 Elevation of privilege vulnerabilities in the Ubuntu Kernel. The Ubuntu kernel has been a constant target for dedicated researchers and developers working to detect and resolve possible vulnerabilities. Two new vulnerabilities have been reported, detailed below: This is the hidden content, please Sign In or Sign Up is a critical vulnerability (with a CVSS v3 score of 7.8) found in the Ubuntu Linux kernel, due to the presence of improper permission checks. This can allow an attacker who has local access to the system to gain unauthorized elevated privileges. This is the hidden content, please Sign In or Sign Up is a moderate severity vulnerability (with a CVSS v3 score of 5.4) that affects the memory management subsystem of the Linux kernel. This vulnerability is due to a race condition that occurs when accessing virtual memory areas (VMAs), which could lead to a post-free use case. A local attacker could take advantage of this to execute arbitrary code on the affected system. The researchers discovered the problems after finding discrepancies in the way the OverlayFS module was implemented in the Linux kernel. OverlayFS is a union mount file system that has been the subject of concern in the past due to its potential to allow unauthorized access via user namespaces and its propensity to contain easily exploitable bugs. Unfortunately, the risk of exploitation is imminent, as the PoCs for the two flaws have been publicly available for a long time. Affected Products Ubuntu versions lower than 23.04 Solution Upgrade Ubuntu to version 23.04 or higher recommendations Users who are inexperienced in reinstalling and activating third-party kernel modules are advised to upgrade via the package manager. This ensures a safe and smooth upgrade, as the package manager will take care of managing the necessary dependencies and configurations after installation. A reboot is required after installing the updates for the Linux kernel update to take effect on Ubuntu. Security teams should either patch their workloads or restrict OverlayFS to root users only. References. This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts