Microsoft vulnerability researchers have discovered a pair of Linux privilege escalation bugs that might be used in conjunction to install harmful malware or backdoors.
According to Redmond, the vulnerabilities, collectively known as Nimbuspwn, present a pathway for attackers to escalate privileges to root on various Linux desktop endpoints. Microsoft researchers developed an experimental attack capable of providing a root backdoor with permanent root access, according to the company.
The open-source project’s maintainer has patched the two vulnerabilities, CVE-2022-29799 and CVE-2022-29800, and Microsoft advises Linux administrators to keep a close eye on the platform’s operating system and components.
Read More: https://www.securityweek.com/microsoft-warns-nimbuspwn-security-flaws-haunting-linux