Techly NewsGet the app

Get the latest tech news

The Journey of Bypassing Ubuntu's Unprivileged Namespace Restriction


’s Unprivileged Namespace Restriction Recently, Ubuntu introduced sandbox mechanisms to reduce the attack surface, and they seemed unbreakable. However, after carrying out in-depth research, we found that the implementation contained some issues, and bypassing it was not as difficult as expected.

In April 2024, shortly after that year’s Pwn2Own, Ubuntu published a security-focused blog post announcing new mitigations designed to lock down unprivileged namespaces and io_uring. With unprivileged namespaces now back on the table, the next step in my plan was straightforward: find a vulnerability in a module of the network subsystem that Ubuntu enables by default but kernelCTF does not. In short, under the current mechanism, simply applying any profile in unconfined status allows bypassing the check to create an unprivileged user namespace!

Get the Android app

Or read this on Hacker News

Read more on:

Photo of ubuntu

ubuntu

Photo of journey

journey

Related news:

News photo

Ubuntu Concept 25.04 ISOs Published For Qualcomm Snapdragon X Elite Laptops

News photo

Ubuntu 25.10 Snapshot 2 Released

News photo

CUDA Ray Tracing 2x Faster Than RTX: My CUDA Ray Tracing Journey

« Crims are posing as insurance companies to steal health records and payment info
Rust in the Linux kernel: part 2 »