'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux Distros
The privilege escalation vulnerability, which is similar to other Linux flaws like Copy Fail and Dirty Pipe, may already be under limited exploitation.
Privilege escalation lets an attacker gain elevated access, which can enable data theft or system control; least privilege and patching limit impact.
Search across headline titles and summaries.
Background for this topic.
Privilege escalation is gaining access beyond the permissions assigned to an account, process, or service. Vertical escalation moves from a lower-privileged role to an administrator or system account; horizontal escalation accesses another user’s resources at a similar privilege level. Attack paths include software vulnerabilities, insecure authorization checks, exposed credentials, unsafe service configurations, and excessive permissions in operating systems, applications, cloud environments, or containers.
Successful escalation can let an attacker change security settings, access protected data, execute code as a trusted service, or establish control that survives an initial compromise. The most relevant defenses are least-privilege access, strong separation of administrative accounts, server-side authorization checks for every sensitive action, timely remediation of exploitable flaws, and review of permissions for users, services, and workloads. Logging privileged actions and unusual account or process behavior supports detection and helps determine whether a compromised low-privilege foothold reached higher-value systems.
Weekly headline count for the current query.
The privilege escalation vulnerability, which is similar to other Linux flaws like Copy Fail and Dirty Pipe, may already be under limited exploitation.
A researcher discovered five different exploit paths that stem from an architectural weakness in how Windows' Remote Procedure Call (RPC) mechanism handles connections to unavailable services.
Elevation-of-privilege bugs accounted for more than half of the 165 vulnerabilities patched, with two zero-days in that mix.
The company's August security update consisted of patches for 111 unique Common Vulnerabilities and Exposures (CVEs).
A software developer discovered a way to abuse an undocumented protocol in Amazon's Elastic Container Service to escalate privileges, cross boundaries and gain access to other cloud resources.
Previously, Microsoft reported that Storm-2460 had also used the privilege escalation bug to deploy ransomware on organizations in several countries.
Tenable released details of a Google Cloud Run flaw that prior to remediation allowed a threat actor to escalate privileges.
A patch bypass for a bug in the popular desktop emulator enables root-level privilege escalation and has no fix in sight.
The popular LiteSpeed Cache plug-in is vulnerable to unauthenticated privilege escalation via a dangerous XSS flaw.
After loading a vulnerable driver, the utility uses a public exploit to gain privilege escalation and the ability to disable endpoint protection software.
Privilege escalation flaws in the healthcare chatbot platform could have allowed unauthorized cross-tenant access and management of other customers’ resources.
CVE-2020-1472 is a privilege escalation flaw that allows an attacker to take over an organization's domain controllers.
The device management company introduced a Fleet Hardening Score and Privilege Escalation (the good kind) to its endpoint security platform for Apple devices.
Academics in Germany figured out how to reverse time in AMD virtualization environments, then reap the spoils.
Another two bugs in this month's set of fixes for 63 CVEs were publicly disclosed previously but have not been exploited yet.
One of the already-patched flaws enables elevation of privilege, while the other enables remote code execution.
Google's fix to the Bad.Build flaw only partially addresses the issue, say security researchers who discovered it.
The June 2023 Patch Tuesday security update included fixes for a bypass for two previously addressed issues in Microsoft Exchange and a critical elevation of privilege flaw in SharePoint Server.
The privilege escalation flaw is one in thousands that researchers have disclosed in recent years.
Upcoming Black Hat USA presentation will examine the implications of Kerberos weaknesses for security on the local machine.