Tuesday, February 23, 18:45
Home security A vulnerability in Ubuntu Gnome desktop could offer access ...

A vulnerability in Ubuntu Gnome desktop could offer root access

A vulnerability in GNOME Display Manager (gdm) could allow a typical user to create accounts with elevated permissions, giving a local attacker a path for executing root privileged code.

Although some conditions are necessary, the error is easy to use. The process involves executing a few simple commands in the terminal and modifying general system settings that do not require increased permissions.

Gnome
Ubuntu Gnome desktop contains vulnerabilities!

Add a new administrator

Exploiting the bug in gdm3 exploits the crash of the component AccountsService, which monitors users available on the system.

In addition to handling "graphical display managers", gdm3 is also responsible for displaying the "user login interface" on operating systems such as Unix.

GitHub security researcher Kevin Backhouse has discovered a simple way to trick an already installed Ubuntu system into performing the account setup routine for a new system. This scenario requires an account Admin for setting up the machine and installing applications.

The researcher found that "gdm3" enabled this sequence when the "accounts-daemon" of the AccountsService component is not running. A typical user should not be able to stop it.

However, Backhouse discovered two vulnerabilities in AccountsService that caused component suspension (CVE-2020-16127) and rejection of user account privileges (CVE-2020-16126), allowing a standard user stop the "daemon" by sending it a delayed segmentation error signal (kill -SIGSEGV).

The delay is necessary to give time for exit from the current period connection.

These two vulnerabilities affect Ubuntu 20.10, Ubuntu 20.04, Ubuntu 18.04 and Ubuntu 16.04.

For CVE-2020-16127, the researcher explains that it was caused by code added to the non-existent upstream version of Ubuntu AccountService maintained by freedesktop.

Activation was possible by making a modification to the Settings of the system that did not require increased permissions.

Without running AccountsService, gdm3 has no indication of the accounts on the machine and provides the option to create a new one with root privileges, as in the case of a installation for the first time.

This error is now referred to as CVE-2020-16125 and is rated 7,2 out of 10 so it is classified as a serious vulnerability. Affects Ubuntu 20.10, Ubuntu 20.04 and Ubuntu 18.04.

Backhouse created a video that shows how easy it was to take advantage of the vulnerability of gdm3 in Ubuntu 20.04:

Backhouse on Monday published separate reports on these three vulnerabilities, which provide technical details. He reported them to Ubuntu and GNOME maintainers on October 17, and fixes are available in the latest code.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehchttps://www.secnews.gr
Be the limited edition.

LIVE NEWS

00:02:50

How to see if Silver Sparrow malware is hiding on your Mac?

https://www.youtube.com/watch?v=xfld2_BlIOk Ένα νέο malware που στοχεύει τόσο M-series όσο και Intel Macs έχει επηρεάσει περίπου 30.000 συστήματα...

YouTube: How to use hashtags to search for videos

There are many different ways to find something on YouTube. You can search for titles, restrict it per channel or even ...

The new Hyundai IONIQ 5 electric car is impressive

Hyundai is going to release 23 electric vehicles by 2025 and today we see the first of them: the Ioniq 5, a ...

Spotify: The new HiFi series offers lossless music streaming

Spotify has announced the new HiFi series. At the "Stream On" virtual event on Monday, the service announced a new flow level without ...

New MacBook Pro models will be released in the second half of 2021

Apple in the second half of 2021 plans to release two new MacBook Pro models which will be equipped with a ...

GeckoLinux: Update with GNOME 3.38, KDE 5.21

Last year, openSUSE-based GeckoLinux arrived with a renewed ISO after two years. Continuing the tactics ...

A ghost particle that fell in Antarctica comes from a black hole

In a new study published in the journal Nature Astronomy on Monday, scientists describe in detail the detection of a subatomic particle -...

Facebook: will restore news pages in Australia

Following discussions between Facebook and the government in Australia, the social networking platform will restore the news pages ...

XSS error detected in the Apple iCloud domain

A cross-site scripting (XSS) vulnerability in the iCloud domain is said to have been fixed by Apple. The error hunter and penetration tester Vishal ...

Share-ents: How dangerous it is to post photos of children

According to security expert Ritesh Kotak, parents tend to post about 1.500 photos of their children on social media before ...