Qualys TRU Discovers Three Bypasses of Ubuntu Unprivileged User Namespace Restrictions
ID: 5ff26a4e-8c3d-51a8-8265-a2bcdcbb4f08
STIX ID: report--5ff26a4e-8c3d-51a8-8265-a2bcdcbb4f08
Feed Name: Qualys Blog
Threat Score
Qualys Threat Research Unit disclosed three bypasses of Ubuntu's unprivileged user namespace restrictions affecting Ubuntu 24.04 and later; the bypasses let local attackers create user namespaces with full administrative capabilities, which can make kernel vulnerabilities exploitable by unprivileged users. Qualys provided technical details and mitigation scripts and recommends using Qualys TruRisk Eliminate (or testing mitigations) while patches are coordinated with Ubuntu.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.