Nimbuspwn, as Microsoft has named the EoP threat, is two vulnerabilities that reside in the networkd-dispatcher, a component in many Linux distributions that dispatch network status changes and can run various scripts to respond to a new status. When a machine boots, networkd-dispatcher runs as root.
The flaws, tracked as CVE-2022-29799 and CVE-2022-29800, combine threats including directory traversal, symlink race, and time-of-check time-of-use (TOCTOU) race condition.
- @brombek6•2 years ago
- Microsoft A: We have patched 47 privilege escalation vulnerabilities last month. How is Linux doing?
- Microsoft B: Well… they have 2-3 per year.
- Microsoft A: Hold my beer!