The Ubuntu snap-confine function has a privilege escalation flaw, according to researchers. Security researchers discovered “multiple vulnerabilities” on Ubuntu systems recently, some of which could allow a threat actor to gain root access to the target endpoint.
Bharat Jogi, Director of Vulnerability and Threat Research at Qualys, said the flaws in the snap-confine function on Linux operating systems were discovered in a blog post. A total of 40 million people are at risk.
Root Access
By exploiting this flaw, an attacker can elevate the privileges of a basic account all the way to root access (CVE-2021-44731). Researchers from Qualys claim to have independently verified the flaw, developed an exploit and gained full root access on Ubuntu default installations.
As is customary, by the time the news reaches the press, a patch has already been released, so Ubuntu users should update to the latest version right away. Customers can look up CVE-2021-44731 in the vulnerability knowledgebase to find all the QIDs and vulnerable assets, according to Qualys.
“Vulnerabilities must be responsibly reported, patched, and mitigated immediately in the Log4Shell, SolarWinds, MSFT Exchange (and on and on) era,” the research team warns. “This disclosure demonstrates that security isn’t a one-time event – this code was reviewed multiple times, and Snap employs very defensive technologies.”
