Heimdal Security Blog

Linux Kernel Vulnerability Allows Hackers to Acquire Root Privileges on Most Distros

Unprivileged threat actors can obtain root privileges by exploiting a Local Privilege Escalation (LPE) flaw in default configurations of the Linux Kernel’s filesystem layer on exposed devices.

Cybersecurity specialists at Qualys found that the LPE security bug, tracked as CVE-2021-33909 and also known as Sequoia, is present in the filesystem layer used to manage user data, a layer common to every major Linux distribution.

According to the study, the flaw affects all Linux kernel versions released since 2014.

Once the flaw is successfully exploited on a vulnerable system, the attacker acquires full root privileges on default installations of multiple modern distributions.

We successfully exploited this uncontrolled out-of-bounds write, and obtained full root privileges on default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation; other Linux distributions are certainly vulnerable, and probably exploitable.

Source

Linux users are advised to apply the patches released yesterday, as the attack surface exposed by the LPE security bug spans a wide range of distributions and releases.

The Qualys researchers have also stumbled upon a stack exhaustion denial-of-service vulnerability, tracked as CVE-2021-33910, that affects the systemd utility.

systemd is a software suite that provides an array of system components for Linux operating systems. Its main aim is to unify service configuration and behavior across Linux distributions; systemd’s primary component is a “system and service manager”—an init system used to bootstrap user space and manage user processes.

This security vulnerability was introduced in April 2015 and is present in all systemd versions released since then, except for those published yesterday to patch the flaw, BleepingComputer reported.

The cloud security company also attached proof-of-concept exploits to its two blog posts, demonstrating how attackers could take advantage of these two vulnerabilities.