FlagThis

Qualys Security Advisory has revealed three bypasses in Ubuntu's unprivileged user namespace restrictions. These flaws, when combined with other vulnerabilities, could lead to full system access. The bypasses involve the use of aa-exec, busybox, and LD_PRELOAD, all of which can be exploited by a local attacker to create user namespaces with full administrative capabilities. This allows attackers to bypass security restrictions and potentially exploit kernel vulnerabilities that require elevated privileges.

These bypasses affect Ubuntu versions 23.10, where unprivileged user namespace restrictions are enabled, and 24.04, which has them active by default. Qualys has disclosed these vulnerabilities to the Ubuntu Security Team and is working with them to address the issues. According to Ubuntu, installations can be strengthened and the first two bypasses mitigated. The discovery underscores the need for robust security measures and highlights the ongoing battle between system security and potential exploitation.

ImgSrc: cdn.mos.cms.fut

References :

• Full Disclosure: Posted by Qualys Security Advisory via Fulldisclosure on Mar 27 Qualys Security Advisory Three bypasses of Ubuntu's unprivileged user namespace restrictions
• The DefendOps Diaries: Explore security bypasses in Ubuntu's unprivileged user namespaces and learn mitigation strategies for enhanced system protection.
• www.itpro.com: Combined with other vulnerabilities, the flaws could lead to full system access
• www.networkworld.com: Ubuntu namespace vulnerability should be addressed quickly: Expert
• BleepingComputer: New Ubuntu Linux security bypasses require manual mitigations

Classification:

• HashTags: #ubuntu #security #vulnerability
• Company: Ubuntu
• Target: Ubuntu users
• Attacker: Qualys
• Product: Ubuntu
• Feature: privilege escalation
• Type: Vulnerability
• Severity: High