Nimbuspwn, as Microsoft has named the EoP threat, is two vulnerabilities that reside in the networkd-dispatcher, a component in many Linux distributions that dispatch network status changes and can run various scripts to respond to a new status. When a machine boots, networkd-dispatcher runs as root.

The flaws, tracked as CVE-2022-29799 and CVE-2022-29800, combine threats including directory traversal, symlink race, and time-of-check time-of-use (TOCTOU) race condition.

  • Helix 🧬
    link
    fedilink
    92 years ago

    And of course they gave it a fancy name. Why wouldn’t they. Does the thing also have a website and Instagram?

  • @[email protected]
    link
    fedilink
    6
    edit-2
    2 years ago
    • Microsoft A: We have patched 47 privilege escalation vulnerabilities last month. How is Linux doing?
    • Microsoft B: Well… they have 2-3 per year.
    • Microsoft A: Hold my beer!
  • @[email protected]
    link
    fedilink
    32 years ago

    Actually a very interesting vulnerability. It involves swapping out scripts right before root runs them.

    Thanks for hardening the desktop, MS :)