CVSS3: 7.8 High
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS2: 7.2 High
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.004 Low
Percentile: 70.4%

Cybersecurity researchers have disclosed two high-severity security flaws in the Ubuntu kernel that could pave the way for local privilege escalation attacks.
Cloud security firm Wiz, in a report shared with The Hacker News, said the easy-to-exploit shortcomings have the potential to impact 40% of Ubuntu users.
“The impacted Ubuntu versions are prevalent in the cloud as they serve as the default operating systems for multiple [cloud service providers],” security researchers Sagi Tzadik and Shir Tamari said.
The vulnerabilities – tracked as CVE-2023-2640 and CVE-2023-32629 (CVSS scores: 7.8) and dubbed GameOver(lay) – are present in a module called OverlayFS and arise as a result of inadequate permissions checks in certain scenarios, enabling a local attacker to gain elevated privileges.
Overlay Filesystem refers to a union mount file system that makes it possible to combine multiple directory trees or file systems into a single, unified file system.
A brief description of the two flaws is below -
In a nutshell, GameOver(lay) makes it possible to “craft an executable file with scoped file capabilities and trick the Ubuntu Kernel into copying it to a different location with unscoped capabilities, granting anyone who executes it root-like privileges.”
Following responsible disclosure, the vulnerabilities have been fixed by Ubuntu as of July 24, 2023.
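For defenders, the "scoped" versus "unscoped" distinction in the quote above is visible in the `security.capability` extended attribute: the Linux kernel stores namespaced file capabilities as revision 3 with a `rootid` field, and ordinary ones as revision 2. The following is an added example, not code from the article or from Wiz; it parses that attribute and lists files carrying unscoped capabilities so they can be compared with an expected set. The `audit` helper, its `allowlist` parameter and the sample byte strings are assumptions constructed for illustration.

```python
import os
import struct

VFS_CAP_REVISION_MASK = 0xFF000000
VFS_CAP_FLAGS_EFFECTIVE = 0x000001
REV_2, REV_3 = 0x02000000, 0x03000000
CAP_NAMES = {7: "cap_setuid", 21: "cap_sys_admin"}  # small subset for readable output

# Constructed sample xattr values (not taken from any real system).
SAMPLE_V2 = struct.pack("<5I", REV_2 | 1, 1 << 21, 0, 0, 0)                   # unscoped
SAMPLE_V3 = struct.pack("<6I", REV_3 | 1, 0xFFFFFFFF, 0, 0x1FF, 0, 100000)    # scoped

def parse_file_caps(raw: bytes) -> dict:
    """Decode a security.capability xattr value (little-endian vfs_cap_data)."""
    if len(raw) < 4:
        raise ValueError("truncated xattr")
    (magic,) = struct.unpack_from("<I", raw)
    rev = magic & VFS_CAP_REVISION_MASK
    if rev == REV_2 and len(raw) == 20:
        rootid = None                                  # revision 2 has no rootid field
    elif rev == REV_3 and len(raw) == 24:
        (rootid,) = struct.unpack_from("<I", raw, 20)  # uid of the owning namespace's root
    else:
        raise ValueError("unsupported revision or size")
    p_lo, i_lo, p_hi, i_hi = struct.unpack_from("<4I", raw, 4)
    permitted = p_lo | (p_hi << 32)
    return {
        "revision": rev >> 24,
        "effective": bool(magic & VFS_CAP_FLAGS_EFFECTIVE),
        "permitted": permitted,
        "inheritable": i_lo | (i_hi << 32),
        "rootid": rootid,
        "scoped": rootid not in (None, 0),             # rootid 0 is the initial namespace
        "names": [CAP_NAMES.get(b, f"cap_{b}") for b in range(64) if permitted >> b & 1],
    }

def audit(root: str, allowlist=frozenset()):
    """Yield (path, caps) for files under root with unscoped capabilities not in allowlist."""
    for dirpath, _, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                raw = os.getxattr(path, "security.capability", follow_symlinks=False)
                caps = parse_file_caps(raw)
            except (OSError, ValueError):
                continue                               # no xattr, unreadable, or unknown format
            if not caps["scoped"] and path not in allowlist:
                yield path, caps
```

Run `audit` as root on the host and compare the result with the capability-bearing binaries your installed packages are expected to ship; an unscoped entry in a user-writable location is worth investigating.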
The findings underscore the fact that subtle changes in the Linux kernel introduced by Ubuntu could have unforeseen implications, Wiz CTO and co-founder Ami Luttwak said in a statement shared with the publication.
“Both vulnerabilities are unique to Ubuntu kernels since they stemmed from Ubuntu’s individual changes to the OverlayFS module,” the researchers said, adding the issues are comparable to other vulnerabilities such as CVE-2016-1576, CVE-2021-3493, CVE-2021-3847, and CVE-2023-0386.