Linux desktop vulnerabilities give untrusted users root

By

Niranjan Maharajh

October 20, 2022

•

1

min read

Microsoft has uncovered vulnerabilities that make it easy for anybody with a toehold on many Linux desktop systems to easily get root system rights— the open source OS's newest elevation of privileges issue.

Two vulnerabilities in the networkd-dispatcher, a component in many Linux distributions that dispatches network status updates and can run multiple scripts to reply to a new status, have been dubbed Nimbuspwn by Microsoft. Networkd-dispatcher runs as root when a machine starts up.

CVE-2022-29799 and CVE-2022-29800 are vulnerabilities that combine risks such as directory traversal, symlink race, and the time-of-check time-of-use (TOCTOU) race condition.

READ MORE HERE

‍

Niranjan Maharajh

Similar articles

48 Minutes to Disaster: How Phishing Attacks Exploit Weaknesses

A recent manufacturing sector breach demonstrates how attackers combine phishing tactics with legitimate tools to quickly gain control and move laterally within a network, emphasizing the need for enhanced detection and prevention strategies.

February 21, 2025

Ascension Healthcare Ransomware Attack: Impact and Implications

A ransomware attack on Ascension Health in May compromised the data of nearly 5.6 million individuals and raised concerns about potential harm to patients due to disrupted healthcare services

February 16, 2025

Linux desktop vulnerabilities give untrusted users root

Linux desktop vulnerabilities give untrusted users root

Niranjan Maharajh

Hackers are actively exploiting vulnerability in widely-used BIG-IP

Hackers are actively exploiting vulnerability in widely-used BIG-IP

Niranjan Maharajh

Enhancing Cybersecurity for Legacy Medical Devices: Navigating Post-Market Challenges and Strategies

The healthcare sector faces a unique challenge in managing the cybersecurity of legacy medical devices. These devices, often operating beyond their intended lifespan, are integral to patient care but lag in modern security protocols, making them susceptible to cyber threats.

Niranjan Maharajh

Cyberattacks in Connected Healthcare: 3 Actions to Protect Your Devices

Audio is generated by DropInBlog's AI and may have slight pronunciation nuances. Learn more In today's digital healthcare era, the threat of cyberattacks on connected medical devices is escalating. Recent cyberattacks in connected healthcare highlight the vulnerability of devices like pacemakers and insulin pumps to hacking, posing significant health risks.

Niranjan Maharajh

Conquer Medical Device Cybersecurity Gap Assessment

In today's increasingly connected healthcare landscape, medical devices play a vital role, directly impacting patient well-being. However, their reliance on software and connectivity exposes them to potential cyberattacks. Mitigating these risks requires robust cybersecurity measures throughout the device lifecycle, from pre-market development to post-market monitoring. This blog post equips you with a comprehensive cybersecurity gap assessment framework to evaluate your medical device's cybersecurity posture, ensuring compliance and minimizing risks.

Niranjan Maharajh

Apple Fixes 30 Cybersecurity Vulnerabilities in iOS 16.2 and iPadOS 16.2

Apple Fixes 30 Cybersecurity Vulnerabilities in iOS 16.2 and iPadOS 16.2

Niranjan Maharajh

Try the Professional Plan Free for 2 Weeks!

Explore all features of PMM for 2 weeks to see how it can simplify your post-market surveillance. If you cancel before the trial ends, your credit card will not be charged

Let's get started