Microsoft Warns Of Nimbuspwn Security Flaws That Grant Hackers Linux Root Access
And find them, it did. Microsoft's security team says that it was listening to messages on the system bus while "performing code reviews and dynamic analysis on services that run as root" when it noticed unusual behavior in a component of systemd known as networkd-dispatcher. That prompted big MS to do a full code review on that component, whereupon it found "multiple security concerns."
Those security concerns come in the form of directory traversal exploits, symlink race opportunities, and time-of-check-time-of-use (TOCTOU) flaws, which, when exploited together could give an unprivileged user root access on the system. That makes the flaws, collectively known as "Nimbuspwn", quite serious indeed.
A full explanation of the flaws is outside of the scope of this post, but Microsoft has a run-down on the details if you'd like to go over them. The important news for most folks is that older versions of networkd-dispatcher are vulnerable, but the latest version isn't, so get to patching if you run a Linux system based on systemd.