An attacker could have gained administrator rights, executed malicious code on the target device and installed a backdoor. A secure version is already available. […]
The Microsoft 365 Defender research team has discovered a new Linux vulnerability with increased permissions, as stated in this security blog.). The vulnerabilities, which are summarized under the name “Nimbuspwn”, would have allowed an attacker to gain root rights (administrator rights) on many Linux desktop devices.
According to Microsoft, the vulnerabilities can be connected to each other in order to run any code or malware on the target device with the acquired root privileges (privileges to root) or to install a backdoor into the Linux system.
Vulnerabilities are in the networkd dispatcher
As Microsoft continues, the vulnerabilities were found when checking system services running with administrator rights.
When messages of the so-called system bus were analyzed, a strange pattern was noticed in a systemd unit called networkd dispatcher. More details can be found in the blog.).
Patch is available
The vulnerabilities are now known under the CVE numbers CVE-2022-29799 and CVE-2022-29800. Microsoft has reported the vulnerabilities to the maintainers of networkd-dispatcher.
Meanwhile, secured versions are available. Microsoft is asking networkd dispatcher users to update their instances.
*Claudia Maag is an author at PCtipp.ch