SamTech

GameOver(lay): Two Severe Linux Vulnerabilities Impact 40% of Ubuntu Users

Source: The Hacker News - Link to Article

Security researchers have recently disclosed two high-severity vulnerabilities in the Ubuntu Linux kernel that could allow attackers to gain elevated privileges on affected systems. The flaws, tracked as CVE-2023-2640 and CVE-2023-32629, reside in the OverlayFS kernel module used by Ubuntu.

Dubbed GameOver(lay) by the researchers, these vulnerabilities arise due to inadequate permissions checks in specific scenarios. By exploiting them, a local attacker could craft executables with scoped capabilities that when copied elsewhere result in unscoped root privileges.

According to researchers, the vulnerabilities impact approximately 40% of Ubuntu users, as the affected versions are widely deployed in cloud infrastructures. Major cloud providers use Ubuntu as the default OS for their virtual machine offerings.

The issues are unique to Ubuntu, stemming from changes made to the OverlayFS code by Canonical. They are similar to previously disclosed Linux elevation of privilege bugs like CVE-2016-1576 and CVE-2021-3847.

After responsible disclosure by the researchers, Canonical released patched Ubuntu kernel versions on July 24, 2023 that address GameOver(lay). Ubuntu users should update their systems to the latest versions containing these fixes.

The discovery highlights that subtle modifications made to the Linux kernel by distributions like Ubuntu can sometimes introduce unexpected security problems. It demonstrates the importance of prompt security updates to address issues rapidly when discovered and disclosed responsibly.

Users and organizations running Ubuntu or Linux systems should ensure they are always on the latest patched kernel versions provided by their distributors. Staying up-to-date remains critical to defend against emerging privilege escalation threats.

Disclaimer: The above blog post is a summary of an article from The Hacker News. For more details and the full content, please refer to the original article.