Ubuntu’s New Unprivileged User Namespace Feature Comes With New Vulnerabilities
Unprivileged Does Not Generally Imply Full Administrative Rights
Those running Ubuntu 23.10 and newer need to make some changes to their system configuration to deal with serious issues with the new unprivileged user namespaces feature. These namespaces should create an isolated sandbox where a user can be granted any permissions, such as root, which they might need inside that container but without granting them escalated privileges outside of that namespace. That would be a great feature, if it worked as intended. Unfortunately the default settings offer three different ways to create a new unprivileged user namespace with full root privileges for the entire system.
The three methods include bypassing aa-exec, busybox, or LD_PRELOAD to create a new namespace with full root access which can be leverage to impact parts of the system supposedly walled off from these unprivileged user namespaces. Thankfully there are ways to mitigate all three vulnerabilities while still maintaining the ability to use this new feature. Bleeping Computer published the four steps you should take here, so head over and make sure to apply them.
Linux user namespaces allow users to act as root inside an isolated sandbox (namespace) without having the same privileges on the host.
More Tech News From Around The Web
- Even Google struggles to balance fast-but-pricey flash and cheap-but-slow hard disks @ The Register
- Gemini hackers can deliver more potent attacks with a helping hand from… Gemini @ Ars Technica
- Phishing-as-a-service operation uses DNS-over-HTTPS for evasion @ Bleeping Computer
- The passive aggression of connecting USB to PS/2 @ The Register
- Panic averted: It was just a bug in Atop after all @ The Register
- SoftBank May Pledge More Than $1 Trillion for AI Effort in US, Nikkei Says @ Slashdot
- Microsoft’s Chetan Nayak on topological qubits, the physics of bigger splashes @ Physics World
- The NVIDIA Rubin NVL576 Kyber Midplane is Huge @ ServeTheHome
- Microsoft fixes button that restores classic Outlook client @ Bleeping Computer
- Google solves its mysterious Pixel problem, announces 9a launch date @ Ars Technica
