Over 40% Ubuntu systems are affected by serious vulnerability; Check if you are affected


According to the latest discovery by security researchers S. Tzadik and S. Tamari at Wiz, two new privilege escalation vulnerabilities in the popular OverlayFS filesystem, codenamed "GameOver(Lay)", affect a whopping 40% of Ubuntu users worldwide. Check out the details of both vulnerabilities, along with the steps to check whether your Ubuntu system is vulnerable.

CVE-2023-2640 is a high-severity vulnerability (CVSS v3 score: 7.8) affecting Ubuntu kernels above version 5.15.0. It allows any unprivileged user to set privileged extended attributes on mounted files/filesystems, and so gain higher privileges on the system.

CVE-2023-32629 is a moderate-severity vulnerability (CVSS v3 score: 5.4) that affects all Linux kernels with version 5.4.0. It is a local privilege escalation that exploits the kernel's memory management subsystem with a race condition that accesses the VMA, leading to the execution of arbitrary code.

These vulnerabilities can be traced back to 2018, when Ubuntu introduced some changes to its own version of the OverlayFS module. These changes faced serious objections from the "Linux Kernel Project", specifically over the setting of extended attributes, which define user permissions. Consequently, when Linux released a fix for the vulnerability in 2020, the changes were not carried over to Ubuntu's modified module.
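The page gives no commands for the check it mentions, so the following is an added example (not from the article, Wiz or Ubuntu) that compares a distro ID and kernel release with the version ranges quoted above and reports whether OverlayFS is registered. The function names and the sample kernel releases are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage against the kernel ranges quoted in this article only.

# "5.15.0-75-generic" -> "5.15.0" (drop the package/flavour suffix).
kernel_base() { printf '%s\n' "${1%%-*}"; }

# Succeeds when version $1 is strictly newer than version $2.
version_gt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n 1)" = "$1" ]
}

# $1 = ID from /etc/os-release, $2 = `uname -r`. Prints matching CVE ids or "none".
gameoverlay_candidates() {
    base=$(kernel_base "$2")
    found=""
    # Both flaws come from Ubuntu's own OverlayFS changes, so other distros are out.
    if [ "$1" != "ubuntu" ]; then echo "none"; return 0; fi
    if version_gt "$base" "5.15.0"; then found="CVE-2023-2640"; fi
    if [ "$base" = "5.4.0" ]; then found="${found:+$found }CVE-2023-32629"; fi
    echo "${found:-none}"
}

# Succeeds when OverlayFS is registered with the kernel ($1 overrides the file).
overlayfs_registered() { grep -qw overlay "${1:-/proc/filesystems}" 2>/dev/null; }

# Report for the local machine.
check_host() {
    os_id=$( [ -r /etc/os-release ] && . /etc/os-release; printf '%s' "${ID:-unknown}" )
    rel=$(uname -r)
    echo "distro=$os_id kernel=$rel"
    echo "article ranges matched: $(gameoverlay_candidates "$os_id" "$rel")"
    if overlayfs_registered; then
        echo "overlayfs: registered"
    else
        echo "overlayfs: not registered (the module can still load on first mount)"
    fi
}

# Constructed sample releases (not taken from the article):
#   gameoverlay_candidates ubuntu 6.2.0-26-generic
#   gameoverlay_candidates ubuntu 5.4.0-150-generic
if [ "${1:-}" = "--host" ]; then check_host; fi
```

A match only means the kernel falls in a range this article quotes; confirm patch status against the vendor's advisory for the installed kernel package.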
