vulnerability | high | Local Privilege Escalation | CVE-2023-2640 | CVE-2023-32629

Jul 27, 2023 • Wiz Security Research

GameOver(lay): Easy-to-exploit local privilege escalation vulnerabilities in Ubuntu Linux affect 40% of Ubuntu cloud workloads

Source: Wiz Security Research
Category: vulnerability
Severity: high

Executive Summary

Wiz Research has identified two critical local privilege escalation vulnerabilities, CVE-2023-2640 and CVE-2023-32629, within the OverlayFS module of Ubuntu Linux. These vulnerabilities, collectively tracked as GameOver(lay), are characterized as easy-to-exploit and pose a significant risk to cloud infrastructure. Approximately 40% of Ubuntu cloud workloads are currently affected by these security flaws. Successful exploitation allows unprivileged users to gain root privileges, potentially compromising entire cloud environments. While no specific threat actors or malware campaigns are currently linked to these CVEs, the ease of exploitation necessitates immediate attention. Organizations utilizing Ubuntu cloud instances should prioritize patching and updating their kernels to mitigate the risk of unauthorized privilege escalation. Security teams are advised to monitor for suspicious activity related to OverlayFS interactions and ensure compliance with vendor security advisories to maintain infrastructure integrity against potential local attacks.

Summary

Wiz Research discovered CVE-2023-2640 and CVE-2023-32629, two easy-to-exploit privilege escalation vulnerabilities in the OverlayFS module in Ubuntu affecting 40% of Ubuntu cloud workloads.

Linked Entities

  • CVE-2023-2640
  • CVE-2023-32629