• Home
  • |
  • Blog
  • |
  • How To Fix Nimbuspwn Vulnerability In Linux- A Privilege Escalation Vulnerability In Networkd-Dispatcher
How to Fix Nimbuspwn Vulnerability in Linux- A Privilege Escalation Vulnerability in networkd-dispatcher

Microsoft has identified multiple vulnerabilities, referred to as Nimbuspwn, that may let a hacker attain root access on many Linux desktop endpoints. The flaws can be chained together to give hackers unrestricted root access and the ability to deploy malicious payloads like a backdoor or malware. The vulnerabilities are tracked as CVE-2022-29799 and CVE-2022-29800 are directory traversal, symlink race, and time-of-check-time-of-use race condition vulnerabilities that could allow attackers to perform privileges escalation, deploy malicious payloads and carry out other malicious activities on the vulnerable Linux machines. We urge all communities who work or own Linux systems shouldn’t underscore the importance of Nimbuspwn Vulnerability and learn how to fix Nimbuspwn Vulnerability in Linux, A Privilege Escalation Vulnerability in the networkd-dispatcher unit.

Summary Of The Nimbuspwn Vulnerability:

Nimbuspwn Vulnerability is the chain of two vulnerabilities identified in a systemd component called networkd-dispatcher, a service that is designed to dispatch network status changes. Attackers could chain directory traversal, symlink race, and time-of-check-time-of-use race condition vulnerabilities to perform privileges escalation, arbitrary code execution, deploy malicious payloads, and carry out other malicious activities on the vulnerable Linux machines. Check out this link below to see the full technical details published by Microsoft.

Products Affected To Nimbuspwn Vulnerability:

According to the Debian Linux distribution, networked-dispatcher v2.0-2 and 2.1-2 are vulnerable to the flaw. If you have a networked-dispatcher with the below versions on your Debian-based Linux distributions, please fix the flaw.

ReleaseVersion
buster2.0-2
bullseye2.1-2
bookworm2.1-2
sid2.1-2

How To Check your Linux Distribution Is Vulnerable To Nimbuspwn Vulnerability?

It is simple to check this. All you need to check the version information of networked-dispatcher running on your server. There are two simple commands to check the version of networked-dispatcher.

$ sudo apt list networkd-dispatcher

This command is enough to see the version info.

$ sudo apt show networkd-dispatcher

Where as this command will give your comprehensive information about the package. You can check the output here.

In this case, this server is vulnerable to the flaw since v2.1-2 is running on this machine.

How To Fix Nimbuspwn Vulnerability In Linux?

The best and simple measure to fix the Nimbuspwn Vulnerability is to go for upgradation after Linux distributions have released the fixed version of networkd-dispatcher. Unfortunately, Debian and Ubuntu distributions have not released the fixed version yet. We recommend to track the updates on their websites.

  1. Debian
  2. Ubuntu

How To Install/Upgrade The networkd-Dispatcher On Debian Or Ubuntu?

You can install, upgrade, remove, and purge networkd-dispatche as like any other apt repository package.

Command to update system repositories

$ sudo apt update

Command to install networkd-dispatcher

$ sudo apt install networkd-dispatcher

Command to upgrade networkd-dispatcher

$ sudo apt upgrade networkd-dispatcher

Command to remove or purge networkd-dispatcher with dependencies.

$ sudo remove networkd-dispatcher

$ sudo purge networkd-dispatcher

$ sudo remove –auto-remove networkd-dispatcher

$ sudo purge –auto-remove networkd-dispatcher

If the packages are not added to the apt repository, then download the package or source of the package and install like a regular Linux package.

We hope this post will help you know How to Fix Nimbuspwn Vulnerability in Linux- A Privilege Escalation Vulnerability in networkd-dispatcher. Please share this post and help to secure the digital world. Visit our social media page on FacebookLinkedInTwitterTelegramTumblr, & Medium and subscribe to receive updates like this. 

About the author

Arun KL

To know more about me. Follow me on LinkedIn
Hi All, I am Arun KL, an IT Security Professional. Founder of “thesecmaster.com”. Enthusiast, Security Blogger, Technical Writer, Editor, Author at TheSecMaster. To know more about me. Follow me on LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Learn Something New with Free Email subscription

Email is also one of the ways to be in touch with us. Our free subscription plan offers you to receive post updates straight to your inbox.