Two Linux kernel vulnerabilities have been discovered in Ubuntu that allow unprivileged local users to escalate their privileges on a substantial number of devices.
Ubuntu is a widely used Linux distribution, especially in the USA, with an estimated user base of over 40 million.
The vulnerabilities, tracked as CVE-2023-32629 and CVE-2023-2640, were discovered by researchers at Wiz. They were recently found in the operating system and affect approximately 40% of all Ubuntu users.
| Vulnerability | Description |
|---|---|
| CVE-2023-2640 | A high-severity vulnerability (CVSS v3: 7.8) in the Ubuntu Linux kernel caused by insufficient permission checks, which allows a local attacker to gain elevated privileges. |
| CVE-2023-32629 | A medium-severity vulnerability (CVSS v3: 5.4) in the Linux kernel memory management subsystem, where a race condition when accessing VMAs can lead to a use-after-free, allowing a local attacker to execute arbitrary code. |
The vulnerabilities were identified after analysts discovered inconsistencies in the implementation of the OverlayFS module in the Linux kernel.
OverlayFS is an implementation of a union mount file system, which has frequently been targeted by attackers in the past because of its potential for unauthorized access and its history of exploitable bugs.
Although Ubuntu made changes to the OverlayFS module in 2018 to enhance security, conflicts arose in 2019 and 2022 due to modifications made by the Linux kernel project. These conflicts led to the emergence of the aforementioned vulnerabilities.
The risk associated with these vulnerabilities is high, as proof-of-concept exploits for them are already publicly available.
“Both vulnerabilities are unique to Ubuntu