Security researchers with Qualys have discovered several vulnerabilities affecting Canonical’s Snap software packaging and deployment system.
In a blog post, Qualys director of vulnerability and threat research Bharat Jogi explained that they found multiple vulnerabilities in the snap-confine function on Linux operating systems, “the most important of which can be exploited to escalate privilege to gain root privileges.” Jogi added that Snap was developed by Canonical for operating systems that use the Linux kernel.
“The packages, called snaps, and the tool for using them, snapd, work across a range of Linux distributions and allow upstream software developers to distribute their applications directly to users. Snaps are self-contained applications running in a sandbox with mediated access to the host system. Snap-confine is a program used internally by snapd to construct the execution environment for snap applications,” Jogi said, noting that the main issue was CVE-2021-44731.
“Successful exploitation of this vulnerability allows any unprivileged user to gain root privileges on the vulnerable host. Qualys security researchers have been able to independently verify the vulnerability, develop an exploit, and obtain full root privileges on default installations of Ubuntu.”
After discovering the vulnerabilities and sending an advisory to Ubuntu in October, the Qualys Research Team worked with Canonical, Red Hat and others to address the issue. Canonical did not respond to requests for comment.
In addition to CVE-2021-44731, Qualys discovered six other vulnerabilities. They provided a detailed breakdown of each issue and urged all users to patch as soon as possible.
Qualys
There are no mitigations for CVE-2021-44731 and Jogi noted that while the vulnerability is not remotely exploitable, an attacker can log in as any unprivileged user and the vulnerability can be quickly exploited to gain root privileges.
Vulcan Cyber engineer Mike Parkin said Snap has become reasonably widespread in the Linux world, with a number of major vendors distributing packages using it.
While any exploit that can give root access is problematic, being a local exploit reduces the risk somewhat, Parkin explained, adding that patching vulnerable systems should be a priority.
“This is both very widespread and also very dangerous, given that it enables a cyber criminal to escalate their privileges to gain root access. With that access threat actors can distribute malware, plant deepfakes, move laterally within corporate networks, and many other forms of being compromised,” said Viakoo CEO Bud Broomhead.
“Linux is widely used as the embedded operating system for IoT devices, which typically there are 5-10X more of than traditional IT devices in an organization. Currently there is no mitigation for this vulnerability, but when one becomes available it will likely remain exploitable for some time. Unlike IT systems, IoT devices often lack automated methods of remediating vulnerabilities, giving the potential for this vulnerability to be present for a long time.”
Stay connected with us on social media platform for instant update click here to join our Twitter, & Facebook
We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
Denial of responsibility! NewsAzi is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.
