[ad_1]
Gameover (LE) vulnerability: new privilege escalation vulnerabilities impression Ubuntu functions
Viz safety researcher S. Tzadik and S. Tamari just lately found two new privilege escalation vulnerabilities contained in the generic OverlayFS filesystem, codenamed GameOver (LE). These vulnerabilities have an effect on a lot of Ubuntu clients worldwide, representing roughly 40% of all Ubuntu clients. On this article, we are going to current an in depth description of those vulnerabilities and the steps to test in case your Ubuntu system is weak.
Excessive Linux vulnerability impacts Ubuntu functions
The primary vulnerability, acknowledged as CVE-2023-2640, is rated as Extraordinarily Crucial with a CVSS v3 score of seven.8. This impacts Ubuntu kernels above the 5.15.0 mannequin. This vulnerability permits unprivileged customers to set privileged lengthy attributes on mounted knowledge or file functions, giving them elevated privileges on the system.
The second vulnerability, generally generally known as CVE-2023-32629, is assessed as Medium Severity with a CVSS v3 rating of 5.4. This impacts all Linux kernels with the 5.4.0 mannequin. This vulnerability exploits a congestion situation contained in the kernel reminiscence administration subsystem when accessing the Digital Reminiscence Home (VMA), leading to arbitrary code execution.
These vulnerabilities may be traced again to the modifications made by Ubuntu to its OverlayFS module launch in 2018. These adjustments confronted objections from the Linux kernel downside, which have been particularly associated to setting lengthy attributes that underlie consumer permissions. Though Linux rolled out a repair for this vulnerability in 2020, the modifications weren’t included within the Ubuntu module changeset.
Ami Lutwak, chief technical officer and co-founder of Viz, mentioned: “Slight adjustments contained in the Linux kernel launched by Ubuntu a number of years in the past have a sudden impression. We discovered two privilege escalation vulnerabilities due to these adjustments, and who is aware of what number of completely different vulnerabilities lurk within the spaghetti shadow of the Linux kernel?
In keeping with Mike Parkin, Senior Technical Engineer at Vulkan Cyber, “Thankfully, whereas these vulnerabilities are straightforward to use, they require native consumer entry, which ought to restrict assault plans. Ubuntu has launched patches to cope with the issue and distributions utilizing the affected OverlayFS module ought to exchange their kernels as quickly as doable.
Which Ubuntu variants are weak
Viz’s evaluation reveals that upcoming Ubuntu variants have been compromised:
| launch | fallen model | CVE-2023-2640 | CVE-2023-32629 |
|---|---|---|---|
| Ubuntu 23.04 (Moon Lobster) | 6.2.0 | Secure | Secure |
| Ubuntu 22.10 (Kinetic Kudu) | 5.19.0 | Secure | Secure |
| Ubuntu 22.04 LTS (Jammy Jellyfish) | 5.19.0 | Secure | Secure |
| Ubuntu 22.04 LTS (Jammy Jellyfish) | 6.2.0 | Secure | Secure |
| Ubuntu 22.04 LTS (Jammy Jellyfish) | 5.15.0 | No | No |
| Ubuntu 20.04 LTS (Focal Pit) | 5.15.0 | No | No |
| Ubuntu 20.04 LTS (Focal Pit) | 5.4.0 | No | Secure |
| Ubuntu 18.04 LTS (Bionic Beaver) | 5.4.0 | No | Secure |
Confirm whether or not your system is weak or not?
To search out out in case your Ubuntu mannequin is weak, comply with these steps:
- Open terminal and run the next command:
cat /and so forth/os-release- Confirm the kernel dummy quantity by operating the next command:
uname -r
patch linux vulnerability in ubuntu
[ad_2]
To entry further info, kindly consult with the next link