[ad_1]
GameOver (Lay) Vulnerability: New privilege escalation vulnerabilities have an effect on Ubuntu applications
Safety researchers S. Tzadik and S. Tamari of Wiz just lately found two new privilege escalation vulnerabilities inside the usual OverlayFS filesystem, codenamed GameOver (Lay). These vulnerabilities influence a big number of Ubuntu clients worldwide, representing roughly 40% of all Ubuntu clients. On this article, we are going to current detailed particulars about these vulnerabilities and details about the steps to check in case your Ubuntu system is weak.
Excessive Linux vulnerability impacts Ubuntu applications
The first vulnerability, acknowledged as CVE-2023-2640, is rated as excessive severity with a CVSS v3 rating of seven.8. It impacts Ubuntu kernels above the 5.15.0 mannequin. This vulnerability permits deprived customers to set privileged lengthy attributes on mounted information or file applications, granting them elevated privileges on the system.
The second vulnerability, typically generally known as CVE-2023-32629, is assessed as medium severity with a CVSS v3 ranking of 5.4. It impacts all Linux kernels with the 5.4.0 mannequin. This vulnerability exploits a rush state of affairs inside the kernel reminiscence administration subsystem when the Digital Memory House (VMA) is accessed, leading to arbitrary code execution.
These vulnerabilities can be traced to modifications Ubuntu made to its OverlayFS module launch in 2018. These modifications had been met with objections from the Linux Kernel Problem, significantly associated to setting lengthy attributes outlining consumer permissions. Though Linux rolled out a repair for this vulnerability in 2020, the modifications weren’t included within the Ubuntu module change.
Ami Luttwak, Chief Technical Officer and co-founder of Wiz, acknowledged: “Delicate modifications inside the Linux kernel launched by Ubuntu a number of years in the past have sudden implications. We found two privilege escalation vulnerabilities brought on by these modifications, and who is aware of what number of completely different vulnerabilities lurk within the spaghetti shadow of the Linux kernel anyway?
In response to Mike Parkin, senior technical engineer at Vulcan Cyber, “Fortunately, whereas these vulnerabilities are simple to make use of, they require native consumer entry, which ought to restrict the assault plan. Ubuntu has launched patches to deal with the issue and distributions utilizing the affected OverlayFS module ought to exchange their kernel as quickly as attainable.
Which Ubuntu variants are weak
Wiz’s evaluation signifies that upcoming Ubuntu variants have been compromised:
| Launch | Kernel mannequin | CVE-2023-2640 | CVE-2023-32629 |
|---|---|---|---|
| Ubuntu 23.04 (moon lobster) | 6.2.0 | Secure | Secure |
| Ubuntu 22.10 (Kinetic Kudu) | 5.19.0 | Secure | Secure |
| Ubuntu 22.04 LTS (Jammy Jellyfish) | 5.19.0 | Secure | Secure |
| Ubuntu 22.04 LTS (Jammy Jellyfish) | 6.2.0 | Secure | Secure |
| Ubuntu 22.04 LTS (Jammy Jellyfish) | 5.15.0 | NO | NO |
| Ubuntu 20.04 LTS (focal pit) | 5.15.0 | NO | NO |
| Ubuntu 20.04 LTS (focal pit) | 5.4.0 | NO | Secure |
| Ubuntu 18.04 LTS (Bionic Beaver) | 5.4.0 | NO | Secure |
Verify in case your system is weak or not?
To seek out out in case your Ubuntu mannequin is weak, observe these steps:
- Open the terminal and run the following command:
cat /and so forth/os-release- Verify the kernel mannequin amount by working the following command:
uname -r
Repair Linux vulnerability in Ubuntu
[ad_2]
To entry extra data, kindly discuss with the next link