A serious security vulnerability has been discovered in Red Hat’s NetworkManager-libreswan plugin that could allow local attackers to escalate privileges and gain root access to Linux systems. The flaw tracked as CVE-2024-9050 has received a CVSS base score of 7.8, indicating its high severity.
The security issue stems from the NetworkManager-libreswan plugin’s failure to sanitize VPN configurations from unprivileged users properly.
The critical vulnerability lies in the `leftupdown` parameter, which accepts executable commands as values and is used for callback functions between NetworkManager-libreswan and NetworkManager.
Due to improper handling of special characters in the key-value format configuration, attackers can manipulate values to be interpreted as keys.
Since NetworkManager utilizes Polkit to allow unprivileged users to manage network configurations, this flaw creates a pathway for local privilege escalation and potential root-level code execution.
National Cybersecurity Awareness Month Cyber Challenges – Test your Skills Now
Impact And Affected Systems
The vulnerability affects multiple Red Hat Enterprise Linux versions and platforms, including:
- Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
- Red Hat Enterprise Linux Server AUS 7.7
- Various architectures including x86_64, ppc64le, aarch64, and s390x
Red Hat has classified this security issue as “Important” and has released patches through multiple security advisories (RHSA-2024:8312 and RHSA-2024:8338).
The company has provided updated NetworkManager-libreswan packages that address the vulnerability across affected platforms.
While patches are now available, system administrators should promptly update affected systems to the latest versions.
For environments where immediate patching isn’t possible, one temporary mitigation strategy involves restricting local users’ ability to control networking through Polkit, though this may impact laptop device functionality.
The vulnerability particularly affects systems where local users have network configuration privileges.
Server environments typically face lower risk as they generally don’t have local users with the necessary permissions to exploit this vulnerability.
This security flaw highlights the ongoing importance of proper input sanitization and privilege management in network-related software components.
Organizations using affected Red Hat systems are strongly encouraged to apply security updates as soon as possible to prevent potential exploitation of this vulnerability.
Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Watch Here