Microsoft has identified multiple vulnerabilities, referred to as Nimbuspwn, that may let a hacker attain root access on many Linux desktop endpoints. The flaws can be chained together to give hackers unrestricted root access and the ability to deploy malicious payloads like a backdoor or malware. The vulnerabilities are tracked as CVE-2022-29799 and CVE-2022-29800 are directory traversal, symlink race, and time-of-check-time-of-use race condition vulnerabilities that could allow attackers to perform privileges escalation, deploy malicious payloads and carry out other malicious activities on the vulnerable Linux machines. We urge all communities who work or own Linux systems shouldn’t underscore the importance of Nimbuspwn Vulnerability and learn how to fix Nimbuspwn Vulnerability in Linux, A Privilege Escalation Vulnerability in the networkd-dispatcher unit.
Table of Contents
Summary Of The Nimbuspwn Vulnerability:
Nimbuspwn Vulnerability is the chain of two vulnerabilities identified in a systemd component called networkd-dispatcher, a service that is designed to dispatch network status changes. Attackers could chain directory traversal, symlink race, and time-of-check-time-of-use race condition vulnerabilities to perform privileges escalation, arbitrary code execution, deploy malicious payloads, and carry out other malicious activities on the vulnerable Linux machines. Check out this link below to see the full technical details published by Microsoft.
Products Affected To Nimbuspwn Vulnerability:
According to the Debian Linux distribution, networked-dispatcher v2.0-2 and 2.1-2 are vulnerable to the flaw. If you have a networked-dispatcher with the below versions on your Debian-based Linux distributions, please fix the flaw.
| Release | Version |
|---|---|
| buster | 2.0-2 |
| bullseye | 2.1-2 |
| bookworm | 2.1-2 |
| sid | 2.1-2 |
How To Check your Linux Distribution Is Vulnerable To Nimbuspwn Vulnerability?
It is simple to check this. All you need to check the version information of networked-dispatcher running on your server. There are two simple commands to check the version of networked-dispatcher.
$ sudo apt list networkd-dispatcher
This command is enough to see the version info.
$ sudo apt show networkd-dispatcher
Where as this command will give your comprehensive information about the package. You can check the output here.
In this case, this server is vulnerable to the flaw since v2.1-2 is running on this machine.
How To Fix Nimbuspwn Vulnerability In Linux?
The best and simple measure to fix the Nimbuspwn Vulnerability is to go for upgradation after Linux distributions have released the fixed version of networkd-dispatcher. Unfortunately, Debian and Ubuntu distributions have not released the fixed version yet. We recommend to track the updates on their websites.
How To Install/Upgrade The networkd-Dispatcher On Debian Or Ubuntu?
You can install, upgrade, remove, and purge networkd-dispatche as like any other apt repository package.
Command to update system repositories
$ sudo apt update
Command to install networkd-dispatcher
$ sudo apt install networkd-dispatcher
Command to upgrade networkd-dispatcher
$ sudo apt upgrade networkd-dispatcher
Command to remove or purge networkd-dispatcher with dependencies.
$ sudo remove networkd-dispatcher
$ sudo purge networkd-dispatcher
$ sudo remove –auto-remove networkd-dispatcher
$ sudo purge –auto-remove networkd-dispatcher
If the packages are not added to the apt repository, then download the package or source of the package and install like a regular Linux package.
We hope this post will help you know How to Fix Nimbuspwn Vulnerability in Linux- A Privilege Escalation Vulnerability in networkd-dispatcher. Please share this post and help to secure the digital world. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, & Medium and subscribe to receive updates like this.
原创文章,作者:ItWorker,如若转载,请注明出处:https://blog.ytso.com/270211.html