Microsoft discovers Nimbuspwn Linux vulnerabilities

security, professional, secret-5199239.jpg

Microsoft researchers have discovered a collection of Linux vulnerabilities dubbed Nimbuspwn that could lead to privilege escalation as root on Linux desktop systems.

An attacker could exploit these vulnerabilities to take controls of affected systems.

“The vulnerabilities can be chained together to gain root privileges on Linux systems, allowing attackers to deploy payloads, like a root backdoor, and perform other malicious actions via arbitrary root code execution. Moreover, the Nimbuspwn vulnerabilities could potentially be leveraged as a vector for root access by more sophisticated threats, such as malware or ransomware, to achieve greater impact on vulnerable devices,” Microsoft wrote in a blog post on Tuesday.

Fixes for these vulnerabilities have been identified as CVE-2022-29799 and CVE-2022-29800.

Microsoft found the issues by listening to messages on System Bus and reviewed code flow for networkd-dispatcher, a dispatcher daemon for systemd-networkd connection status changes.

The code review revealed multiple security concerns to include “directory traversal, symlink race, and time-of-check-time-of-use race condition issues, which could be leveraged to elevate privileges and deploy malware or carry out other malicious activities.”

Fixes for networkd-dispatcher have been made available for download by the maintainer Clayton Craft.

Related Articles