Microsoft has identified vulnerabilities in system components commonly used on Linux computers that could allow an attacker to upgrade and install malware.

Obtaining root privileges on a hacked Linux computer allows attackers to perform tasks such as installing a root backdoor or performing other malicious actions through random execution of root code through Microsoft’s Nimbuspwn vulnerabilities.

Two tracked bugs, both CVE-2022-29799 and CVE-2022-29800, were detected in networkd-dispatcher, the dispatch service for changing the state of the systemd-networkd network connection. Microsoft said it detected vulnerabilities when viewing messages on the system bus while performing code analysis and dynamic analysis of services running on root, and noticed a strange pattern in networkd-dispatcher.