Summary: Researchers from Qualys have identified three security bypasses in Ubuntu Linux that allow unprivileged local users to create user namespaces with full administrative capabilities, potentially exploiting kernel vulnerabilities. The affected versions include Ubuntu 23.10 and 24.04, where user namespace restrictions are implemented. Canonical, the organization behind Ubuntu, is working on improving AppArmor protections as a response to these findings.
Affected: Ubuntu Linux 23.10 and 24.04
Keypoints :
- Three bypass methods discovered that exploit AppArmorβs restrictions in user namespaces.
- Bypass methods include using aa-exec, busybox, and the LD_PRELOAD technique.
- Canonical is implementing improvements to AppArmor protections but does not classify these as urgent vulnerabilities.