
OFFTOPIC for Cyber Security Space


marcofabbri

Welcome to the cybersecurity offtopic area. 🤵

Think of this place as a warm bar: have a seat, relax and grab a pint of anything you wanna drink. We're ready to chat about anything related to IT and cybersec, even if it's a little far from the Veeam world.

Feel free to post questions, CVE alerts, how-tos, workarounds and even more.

πŸΊπŸ’š

1 comment

marcofabbri
  • Author
  • On the path to Greatness
  • 990 comments
  • July 27, 2023

Millions of Ubuntu users vulnerable to OverlayFS module security bug

Linux kernel flaws (CVE-2023-32629, CVE-2023-2640) affect 40% of users.

More:
https://nvd.nist.gov/vuln/detail/CVE-2023-2640
https://nvd.nist.gov/vuln/detail/CVE-2023-32629

CVE-2023-2640 (CVSS v3: 7.8) grants elevated privileges due to insufficient permission checks.

CVE-2023-32629 (CVSS v3: 5.4) allows execution of arbitrary code by exploiting a memory management race condition. Bugs linked to OverlayFS module modifications in the Ubuntu kernel. PoC exploits already public. Other Linux distributions not impacted.

Ubuntu has already released patch updates for all vulnerabilities. Upgrade via package manager and reboot after installation.
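
A check for the upgrade-and-reboot step mentioned in the post above, added here as an example (not part of the original post): it flags a host where a newer kernel image package is installed but the running kernel is still the old one. The package list is constructed sample data, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find hosts that installed a kernel update but never rebooted.

# Constructed sample of `dpkg-query` output ("<status> <package>"); the
# release numbers are made up and do not name the fixed Ubuntu kernels.
SAMPLE='ii  linux-image-6.2.0-9-generic
ii  linux-image-6.2.0-10-generic
rc  linux-image-6.2.0-11-generic
ii  linux-image-generic'

# Read "<status> <package>" lines on stdin and print the newest fully
# installed ("ii") kernel release; meta packages and removed ones are skipped.
newest_installed_release() {
    awk '$1 == "ii" && $2 ~ /^linux-image-(unsigned-)?[0-9]/ {
             sub(/^linux-image-(unsigned-)?/, "", $2); print $2
         }' | sort -V | tail -n 1
}

# reboot_pending RUNNING NEWEST: succeeds when the running kernel is not
# the newest installed one, i.e. the update is on disk but not in effect.
reboot_pending() {
    [ -n "$2" ] && [ "$1" != "$2" ]
}

# Live check for an Ubuntu host (hypothetical helper name).
check_host() {
    newest=$(dpkg-query -W -f='${db:Status-Abbrev} ${Package}\n' 'linux-image-*' |
             newest_installed_release)
    if reboot_pending "$(uname -r)" "$newest" || [ -e /var/run/reboot-required ]; then
        echo "REBOOT NEEDED: running $(uname -r), newest installed $newest"
        return 1
    fi
    echo "OK: running newest installed kernel $newest"
}

# Run against the sample by default, or pass --live on a real host.
if [ "${1:-}" = "--live" ]; then
    check_host
else
    printf '%s\n' "$SAMPLE" | newest_installed_release
fi
```

The comparison uses `sort -V` so that `6.2.0-10` ranks above `6.2.0-9`, which a plain lexical sort would get wrong.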

