Microsoft Discovers Linux Vulnerabilities That Could Allow Attackers to Gain Root Access

Microsoft 365 Defender Research team has discovered the vulnerabilities that are tracked as CVE-2022-29799 and CVE-2022-29800.

Microsoft Discovers Linux Vulnerabilities That Could Allow Attackers to Gain Root Access

Photo Credit: Reuters

Hackers may use multiple scripts to exploit the vulnerabilities on a Linux system

Highlights
  • Microsoft researchers detailed the flaws in a blog post
  • Linux distributions with networkd-dispatcher are at risk
  • The developer of the system component fixed the issues

Microsoft has revealed that it discovered a list of vulnerabilities that could allow bad actors to gain root system rights on Linux systems. Collectively called Nimbuspwn, the vulnerabilities could potentially be leveraged by attackers as a vector for root access by more sophisticated threats including malware and ransomware, the software giant said. The security flaws exist in a system component that is widely available on Linux distributions. Fixes for the reported vulnerabilities have been deployed by the maintainer of the component.

In a detailed blog post, Microsoft said that the vulnerabilities discovered by the Microsoft 365 Defender Research team could be grouped together to gain root privileges on Linux systems and allow attackers to execute ransomware attacks or malicious actions using arbitrary code.

The vulnerabilities, tracked as CVE-2022-29799 and CVE-2022-29800, were found in the component called networkd-dispatcher, which helps provide network status updates. It runs as root when a system starts to dispatch network status changes and run scripts to respond to a new network status.

However, it was discovered that the system component included a method "_run_hooks_for_state" that allows hackers to gain access to the “/etc/networkd-dispatcher” base directory. The method essentially exposes the Linux system to the directory traversal vulnerability, which is identified as CVE-2022-29799, by not sanitising the OperationalState or the AdministrativeState, according to the Microsoft researchers.

The same method is also found to have the Time-of-check-time-of-use (TOCTOU) race condition flaw, which is tracked as CVE-2022-29800. This particular flaw allows attackers to replace scripts that networkd-dispatcher believes to be owned by root with the ones that contain malicious code, the researchers said.

An attacker may use multiple malicious scripts one after another to exploit the vulnerability.

Microsoft researchers shared a proof-of-concept where they highlighted that in three attempts, they were able to win the race condition flaw and successfully plant their files.

As ArsTechnica notes, a hacker with minimal access to a vulnerable system can exploit the reported vulnerabilities to gain full root access.

Microsoft Principal Security Researcher Jonathan Bar Or told Gadgets 360 that the flaws have been fixed in the latest version of network-dispatcher. Users will be able to find the new version in a systemd update on their Linux machines. Otherwise, they can deploy the patches by manually install the latest network-dispatcher build.

Users can determine the existence of the vulnerabilities on their systems by using the details shared by Microsoft researchers. If the machines are vulnerable, it is highly recommended to look for the fixes.


Asus India's Arnold Su joins this week's Orbital, the Gadgets 360 podcast, to talk about how the PC maker is planning to grow its presence in the country. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Google Chrome Gets Improved Autofill Popup on Desktop, Google Docs Reorganised to Find Key Features Quickly
Share on Facebook Tweet Snapchat Share Reddit Comment google-newsGoogle News
 
 

Advertisement

Follow Us

Advertisement

© Copyright Red Pixels Ventures Limited 2022. All rights reserved.