Nimbuspwn bugs allow attackers to gain root privileges on some Linux machines (CVE-2022-29799, CVE-2022-29800)

27 April 2022

Microsoft has unearthed two security vulnerabilities (CVE-2022-29799, CVE-2022-29800) in the networkd-dispatcher daemon that may be exploited by attackers to gain root on many Linux endpoints, allowing them to deploy backdoors, malware, ransomware, or perform other malicious actions. About the vulnerabilities (CVE-2022-29799, CVE-2022-29800) CVE-2022-29799 is a directory traversal bug; CVE-2022-29800 is a time-of-check-time-of-use (TOCTOU) race condition that could allow an attacker to replace scripts that networkd-dispatcher (the vulnerable systemd unit) believes to be owned by root to ones that are not.

Read full article on Help Net Security

Date:

27 April 2022

Categorie(s):

NEWS

Tag(s):

CISA, Debian Linux, IT, Linux Mint, Microsoft

An attorney says she saw her library reading habits reflected in mobile ads. That’s not supposed to happen18 May 2024
Gawd, after that week, we wonder what’s next for China and the Western world18 May 2024
[FREE EBOOKS] Cyber Security and Network Security, Build Your Own Programming Language – Second Edition & Four More Best Selling Titles18 May 2024
US Official Warns a Cell Network Flaw Is Being Exploited for Spying18 May 2024
How two brothers allegedly swiped $25M in a 12-second Ethereum heist18 May 2024