Two Linux vulnerabilities were discovered in the Ubuntu kernel, allowing unprivileged local users to gain elevated privileges on many devices.
Two Linux vulnerabilities were discovered in the Ubuntu kernel, allowing unprivileged local users to gain elevated privileges on many devices.
Ubuntu is a widely used Linux distribution, particularly popular in the U.S., with over 40 million users.
Wiz's researchers, S. Tzadik and S. Tamari, identified two flaws tracked as CVE-2023-32629 and CVE-2023-2640, recently introduced into the operating system. According to the researchers, the flaws impact 40% of the users of the widespread Linux distribution.
CVE-2023-2640 is a high-severity (CVSS v3 score: 7.8) vulnerability in the Ubuntu Linux kernel caused by inadequate permission checks allowing a local attacker to gain elevated privileges. And CVE-2023-32629 is a medium-severity (CVSS v3 score: 5.4) flaw in the Linux kernel memory management subsystem, where a race condition when accessing VMAs may lead to use-after-free, allowing a local attacker to perform arbitrary code execution.
Researchers discovered these vulnerabilities while examining the OverlayFS module implementation in the Linux kernel. OverlayFS is a union mount filesystem implementation targeted by threat actors often due to its vulnerabilities allowing unprivileged access.
In 2018, Ubuntu implemented custom changes to its OverlayFS module, which were considered generally safe. However, in 2019 and 2022, the Linux kernel project modified the module. The introduction of these conflicting changes into Ubuntu's distribution led to the emergence of the two flaws.
Both vulnerabilities are unique to Ubuntu kernels since they stemmed from Ubuntu's changes to the OverlayFS module, warned the Wiz researchers. Exploits for past OverlayFS vulnerabilities can be easily adapted for these flaws.
It is essential to highlight that two flaws only impact Ubuntu, and any other Linux distribution, including Ubuntu forks, not using custom modifications of the OverlayFS module should be safe.
Ubuntu has released a security bulletin addressing these issues along with six other vulnerabilities in the latest version of the Ubuntu Linux kernel, and users are recommended to perform the update via their package manager, which will take care of all dependencies and post-install configurations. A reboot is required after installing the updates for the Linux kernel update to take effect on Ubuntu.
Want your digital assets to be protected?
CyberShelter provides innovative and modern cybersecurity products and niche services to individuals and organization against all kinds of cyber threats.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?