Last updated on July 28th, 2022 at 12:43 am

Microsoft security researchers have detected two critical vulnerabilities that could allow threat actors to carry out a series of malicious activities with root privileges on Linux systems. The vulnerabilities collectively called “Nimbuspwn” can be used to gain root privileges on Linux systems and allow threat actors to deploy various malicious software such as backdoor and ransomware to the vulnerable system.

Nimbuspwn security vulnerabilities, tracked as CVE-2022-29799 and CVE-2022-29800, exist in networkd-dispatcher, a component that sends link state changes on Linux machines. The vulnerability tracked as code CVE-2022-29799 exists due to a Directory Traversal error in the _run_hooks_for_state function in the source code of networkd-dispatcher. Another security vulnerability with code CVE-2022-29800 is related to a time-of-check to time-of-use (TOCTOU) error in the _run_hooks_for_state function.

critical privilege escalation vulnerabilites in linux

To not be the target of malware campaigns that can be carried out using these security vulnerabilities, users of networkd-dispatcher are advised to immediately update the vulnerable versions to the latest version that fixes the vulnerabilities.

critical CVE-2022-29799 CVE-2022-29800 Linux linux distributions Microsoft nimbuspwn privilege escalation vulnerability

Multiple Privilege Escalation Vulnerabilities Detected in Linux Operating System

MOVEit Transfer Software Exploited Through Critical Zero-Day Vulnerability

“Triangulation Trojan” Launches Sophisticated Attack on Apple Devices

Perspective of the Month | APT Groups

BellaCiao: The New Malware From Iran’s Charming Kitten

We know what hackers know about you

Solutions

Use Case

Partners

Company