Articles Ubuntu fixes bugs allowing to elevate privileges to root

Ubuntu fixes bugs allowing to elevate privileges to root


The Ubuntu desktop developers have released updates with a new package gdm3, which fixes a dangerous vulnerability in the GNOME window manager. In conjunction with one of two bugs of the AccountsService, also patched, it allows you to execute any code on the system as root. The exploitation of new vulnerabilities is only possible with physical access to the device and a valid account.

The GNOME software implements windowing functions on the computer screen and, among other things, is responsible for displaying the login screen. According to the bulletin , the CVE-2020-16125 vulnerability in GDM is caused by incorrect launching of the initial configuration program (gnome-initial-setup) when the AccountsService daemon is not available through DBus.

The window manager can initiate the start of the initial configuration if it does not find any accounts in the system. He asks for data on the presence of such, referring to accounts-daemon. If this process does not respond, GDM will assume that the accounts are missing and will run the gnome-initial-setup utility, through which a new account can be registered with superuser privileges.

The vulnerability is fixed in GNOME 3.28.3, 3.36.2, and 3.38.2. Corresponding updates are already available for Ubuntu versions 20.10, 20.04 and 18.04.

As it turns out, the CVE-2020-16125 issue can be exploited by forcibly terminating the accounts-daemon process. This daemon, running as root, has two bugs that make it easy to do this.

Vulnerability CVE-2020-16126 occurred due to incorrect privilege reset (ruid attribute) while processing some DBus calls; error CVE-2020-16127 occurs when processing custom .pam_environment files. Operation in both cases can cause accounts-daemon to crash or hang, leading to denial of service (DoS).

These issues affect Ubuntu 20.10, 20.04, 18.04, 16.04 and 14.04 (CVE-2020-16127 confirmed only in Ubuntu 20.04 LTS and Ubuntu 20.10) and have already been fixed.

Must read

28 dangerous extensions detected for Google Chrome and Microsoft Edge

Avast experts have discovered malware hidden in at least 28 third-party...

Why Is It Important To Have Intrusion Detection And Prevention ?

This article describes why detection and prevention of burglaries...

The risk is real: attacks on OT infrastructure

Previously, many believed that attacks on an isolated OT...

Gitpaste-12: Linux bot armed with a dozen exploits

Researchers at Juniper Networks have discovered a Linux scripting...

Saferwall : Open Source Malware Analysis

Saferwall is an open source malware analysis platform. It...

Network Vulnerability Assessment ? Why Should Every Company Do it at least once a Year !

Network vulnerability assessment analyzes a variety of network issues,...

Artificial Intelligence and Cyber Security

As artificial intelligence intrudes into the world of cybersecurity,...

You might also likeRELATED
Recommended to you