Linux Privilege Escalation

  • MARCH 11TH, 2024

Introduction

Privilege escalation in Linux refers to gaining elevated access to system resources that are normally restricted. Attackers often exploit misconfigurations, vulnerabilities, or weak security practices to escalate privileges from a lower user level to root.

Recent examples include CVE-2024-15812, where a flaw in Ubuntu’s OverlayFS allowed attackers to gain root access, and CVE-2024-24533, where a vulnerability in Polkit on Red Hat systems enabled unauthorised root access by bypassing permission checks.

Techniques Used in Privilege Escalation

  • Password Cracking: Using automated tools to guess or brute-force passwords.
  • Privilege Escalation Exploits: Exploiting known vulnerabilities in software or system configurations.
  • Horizontal Privilege Escalation: Gaining access to other user accounts with similar privileges.
  • Vertical Privilege Escalation: Gaining access to accounts with higher privileges.

Best Practices Against Linux Privilege Escalation

  • Strong Password Policies: Require complex passwords with uppercase/lowercase letters, numbers, and symbols; enforce regular changes; use password managers.
  • Regular Software Updates: Install security patches promptly and use centralized patch management.
  • Access Control: Apply the principle of least privilege, restrict sensitive resources, and enforce proper file/directory permissions.
  • Continuous Monitoring: Use intrusion detection systems and review system logs for unauthorized access.
  • Review Security Practices: Conduct audits to identify vulnerabilities.
  • Limit SUID/SGID Binaries: Reduce and audit risky Set User ID/Set Group ID binaries.
  • Deploy Security Frameworks: Use AppArmor, SELinux, or Grsecurity to restrict program actions and prevent attacks.
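
One way to carry out the "Limit SUID/SGID Binaries" audit above is to compare the set-ID files on a host with a reviewed baseline. This is an added example, not part of the original advisory; the function names and the baseline format (one absolute path per line) are assumptions.

```shell
#!/bin/sh
# Added example: audit SUID/SGID files against a reviewed baseline.
# Function names and the baseline file format are assumptions made for
# this example (baseline = one absolute path per line).

# list_setid ROOT
# Print every regular file under ROOT that has the SUID or SGID bit set.
list_setid() {
    # -xdev keeps the scan on one filesystem; errors from unreadable
    # directories are discarded so a non-root run still completes.
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null | sort
}

# audit_setid ROOT BASELINE
# Print set-ID files under ROOT that the baseline does not list.
audit_setid() {
    list_setid "$1" | while IFS= read -r path; do
        # -F fixed string, -x whole line: the path must match exactly.
        grep -Fxq -- "$path" "$2" || printf '%s\n' "$path"
    done
}

# writable_setid ROOT
# Print set-ID files that are also group- or world-writable, which lets a
# non-owner replace the contents of a binary that runs with elevated IDs.
writable_setid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
        \( -perm -0020 -o -perm -0002 \) -print 2>/dev/null | sort
}

# Stand-alone use: sh audit.sh ROOT BASELINE
if [ "$#" -eq 2 ]; then
    echo "Set-ID files missing from the baseline:"
    audit_setid "$1" "$2"
    echo "Set-ID files writable by group or others:"
    writable_setid "$1"
fi
```

Run it as root so that `find` can read every directory, and review each reported path before either adding it to the baseline or removing the bit with `chmod u-s,g-s`.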
