Multiple vulnerabilities put 40 million Ubuntu users at risk

(Image credit: Canonical)

Security researchers have recently found “multiple vulnerabilities” on Ubuntu systems, some of which would allow a threat actor to gain root privileges on the target endpoint.

In a blog post, Bharat Jogi, Director of Vulnerability and Threat Research at Qualys, said the team found the flaws in the snap-confine function on Linux operating systems. Approximately 40 million users are at risk.

Jogi describes Snap as a “software packaging and deployment system” that was built by Canonical for operating systems on the Linux kernel. These packages, or “snaps”, as well as the tool that uses them, “snapd”, work on a wide range of Linux distributions, allowing developers to ship applications directly to users. 

TechRadar needs yo...

We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.

>> Click here to start the survey in a new window <<

Gaining root access

Snaps, Jogi further explains, are “self-contained applications running in a sandbox with mediated access to the host system. Snap-confine in s a program used internally by snapd to construct the execution environment for snap applications.”

By abusing the flaw, tracked as CVE-2021-44731, the attacker can elevate the privileges of a basic account all the way to root access. Researchers from Qualys claim to have independently verified the vulnerability, developed an exploit, and obtained full root privileges on default installations of Ubuntu. 

The team did not explain if the exploit comes in the form of malware, or if it took a different approach.

As usual, by the time the news hits the press, a patch had already been issued, so Ubuntu users are advised to patch up to the latest version, immediately. Qualys’ customers can search the vulnerability knowledgebase for CVE-2021-44731 to identify all the QIDs and vulnerable assets, the company said.

“In a Log4Shell, SolarWinds, MSFT Exchange (and on and on) era, it is vital that vulnerabilities are responsibly reported and are patched and mitigated immediately,” the research team warns. “ This disclosure continues to showcase that security is not a one and done – this code had been reviewed several times and Snap has very defensive technologies.”

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.