Microsoft Warns Of Nimbuspwn Security Flaws That Grant Hackers Linux Root Access
Microsoft's Windows has plenty of reason to be proud of its status as the desktop operating system of choice for personal computers, but Linux drives a massive portion of the processing that lies beneath the surface of the internet at large. Ultimately, it's to everyone's benefit if security holes are closed, so we probably shouldn't be surprised when Microsoft finds bugs in Linux.
And find them, it did. Microsoft's security team says that it was listening to messages on the system bus while "performing code reviews and dynamic analysis on services that run as root" when it noticed unusual behavior in a component of systemd known as networkd-dispatcher. That prompted big MS to do a full code review on that component, whereupon it found "multiple security concerns."
Those security concerns come in the form of directory traversal exploits, symlink race opportunities, and time-of-check-time-of-use (TOCTOU) flaws, which, when exploited together could give an unprivileged user root access on the system. That makes the flaws, collectively known as "Nimbuspwn", quite serious indeed.
A full explanation of the flaws is outside of the scope of this post, but Microsoft has a run-down on the details if you'd like to go over them. The important news for most folks is that older versions of networkd-dispatcher are vulnerable, but the latest version isn't, so get to patching if you run a Linux system based on systemd.