
Over 40% of Ubuntu Users Susceptible to Escalation Flaw



According to reports, a privilege escalation vulnerability has been present in the OverlayFS module on Ubuntu systems.

OverlayFS is a Linux filesystem that is widely used in containers.

OverlayFS allows dynamic filesystems to be deployed on top of pre-built images.

However, vulnerable versions of the Ubuntu operating system have been the default systems offered by many of the Cloud Service Providers (CSPs).

This vulnerability exists because ovl_copy_up_meta_inode_data skips permission checks when calling ovl_do_setxattr on Ubuntu kernels. The CVSS score for this vulnerability is given as 7.8 (High).

This vulnerability exists because of the Ubuntu kernel change "UBUNTU: SAUCE: overlayfs skip permission checks for trusted.overlayfs.* xattrs".

An attacker without privileges can exploit this vulnerability by setting privileged extended attributes on the mounted files and having them set on the upper files without appropriate checks. The CVSS score for this vulnerability is given as 7.8 (High).

Conflict of Ubuntu Patch (2018) with Linux Kernel Project (2019 & 2022)

Non-privileged users can access the OverlayFS module through user namespaces, which makes it a prime target for local privilege escalation. These vulnerabilities were patched by Ubuntu in 2018.

However, researchers at Wiz discovered that the Linux Kernel Project made some new updates in 2019 and 2022.

Several changes to the OverlayFS module resulted in a conflict between the earlier patches and the latest update.

Exploits for these vulnerabilities are already publicly available. Users of Ubuntu versions before 23.04 are advised to upgrade to the latest version to prevent these vulnerabilities from being exploited.

Ubuntu has released a security notice that patches several vulnerabilities and credits the researchers.
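
As an added example (not from the article or from Ubuntu), the script below triages a host against the two conditions described above: an Ubuntu release before 23.04 and unprivileged access to user namespaces. The function names, the result labels and the two sysctl paths are choices made for this example; the kernel package named in Ubuntu's security notice remains the authoritative fix indicator.

```shell
#!/bin/sh
# Added example, not from the article: triage a host against the two
# conditions the article names (Ubuntu release before 23.04, OverlayFS
# reachable by unprivileged users through user namespaces).

ubuntu_version() {      # $1: os-release file; prints VERSION_ID if ID=ubuntu
    [ -r "$1" ] || return 0
    (                   # subshell: os-release is root-owned, shell-sourceable
        ID='' VERSION_ID=''
        . "$1"
        if [ "$ID" = "ubuntu" ]; then printf '%s\n' "$VERSION_ID"; fi
    )
}

userns_open() {         # $1: unprivileged_userns_clone, $2: max_user_namespaces
    clone=1; max=1      # a missing file means that knob does not exist here
    if [ -r "$1" ]; then clone=$(cat "$1"); fi
    if [ -r "$2" ]; then max=$(cat "$2"); fi
    [ "$clone" != 0 ] && [ "$max" != 0 ]
}

assess_host() {         # $1: os-release, $2 and $3: as for userns_open
    ver=$(ubuntu_version "$1")
    case $ver in
        '') echo not-ubuntu; return 0 ;;
        [0-9].[0-9][0-9]|[0-9][0-9].[0-9][0-9]) ;;
        *) echo unknown-version; return 0 ;;
    esac
    if [ "$(printf '%s' "$ver" | tr -d .)" -ge 2304 ]; then
        echo release-not-flagged        # 23.04 or later
    elif userns_open "$2" "$3"; then
        echo upgrade-exposed            # old release, userns open to all users
    else
        echo upgrade-userns-restricted  # old release, userns path closed
    fi
}

# Constructed sample host: Ubuntu 22.04, unprivileged user namespaces enabled.
demo=$(mktemp -d)
printf 'ID=ubuntu\nVERSION_ID="22.04"\n' > "$demo/os-release"
echo 1 > "$demo/userns_clone"
assess_host "$demo/os-release" "$demo/userns_clone" "$demo/absent"
rm -rf "$demo"
# On a live host:
# assess_host /etc/os-release /proc/sys/kernel/unprivileged_userns_clone \
#     /proc/sys/user/max_user_namespaces
```

A result of upgrade-userns-restricted still calls for the upgrade; restricting user namespaces only closes the unprivileged path to OverlayFS that the article describes.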



