Multiple vulnerabilities put 40 million Ubuntu users at risk
Researchers uncover privilege escalation flaw in Ubuntu snap-confine function
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Security researchers have recently found “multiple vulnerabilities” onUbuntusystems, some of which would allow a threat actor to gain root privileges on the target endpoint.
In a blog post, Bharat Jogi, Director of Vulnerability and Threat Research at Qualys, said the team found the flaws in the snap-confine function onLinuxoperating systems. Approximately 40 million users are at risk.
Jogi describes Snap as a “software packaging and deployment system” that was built by Canonical for operating systems on the Linux kernel. These packages, or “snaps”, as well as the tool that uses them, “snapd”, work on a wide range of Linux distributions, allowing developers to ship applications directly to users.
We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time. Thank you for taking part.
Click here to start the survey in a new window«
Gaining root access
Snaps, Jogi further explains, are “self-contained applications running in a sandbox with mediated access to the host system. Snap-confine in s a program used internally by snapd to construct the execution environment for snap applications.”
By abusing the flaw, tracked as CVE-2021-44731, the attacker can elevate the privileges of a basic account all the way to root access. Researchers from Qualys claim to have independently verified the vulnerability, developed an exploit, and obtained full root privileges on default installations of Ubuntu.
The team did not explain if the exploit comes in the form ofmalware, or if it took a different approach.
Ubuntu 21.04 is here, but don’t get too excited>Ubuntu has a pretty serious security flaw, so patch now>Ubuntu 21.10 wants to make cloud-native app development easier for all
As usual, by the time the news hits the press, apatchhad already been issued, so Ubuntu users are advised to patch up to the latest version, immediately. Qualys’ customers can search the vulnerability knowledgebase for CVE-2021-44731 to identify all the QIDs and vulnerable assets, the company said.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
“In a Log4Shell, SolarWinds, MSFT Exchange (and on and on) era, it is vital that vulnerabilities are responsibly reported and are patched and mitigated immediately,” the research team warns. “ This disclosure continues to showcase that security is not a one and done – this code had been reviewed several times and Snap has very defensive technologies.”
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
Windows PCs targeted by new malware hitting a vulnerable driver
Dangerous Android banking malware looks to trick victims with fake money transfers
Latest Google Pixel update includes surprise launch of Android 15’s best battery feature
