https://www.zdnet.com/article/multiple-vulnerabilities-found-in-snap-confine-function-on-linux-systems/ * + + Trending o Presidents Day deals o Top tablets: iPad isn't your only option o Best Tax Software o Best iPhone deals o Best home battery backup o Great 3D printers for under $500 o Best VPN Services o Windows 11 o Best Web Hosting o Cloud o Innovation o Working from Home o ZDNet Recommends o ZDNet Academy + Technology o See all Technology o Hardware o Laptops o Tablets o Storage o Processors o Software & Services o Operating Systems o Business Management Software o Mobility o 5G o Smartphones o Innovation o Cloud o Artificial Intelligence o Big Data o AR & VR o Robotics + Security o See all Security o Cyber Threats o VPN o Password Manager + Business o See all Business o Tech Industry o Tech & Work o Developer o Data Management o Legal o Companies o Amazon o Google o Apple o Microsoft o Samsung o E-Commerce o Enterprise Software o SMBs o Executive Guides o Events + Finance o See all Finance o Credit Cards o Banking o Taxes o Blockchain + Education o See all Education o Business & Management o Computers & Tech o Bootcamps o MBA + Home & Office o See all Home & Office o Networking o Broadband o Mobile Carries o Home Networking o Smart Office o Office Furniture o Office Hardware & Appliances o Smart Home o Home Security o Home Entertainment o Speakers o Kitchen & Household + More o See all Topics o International o China o EU o United Kingdom o New Zealand o India o Singapore o Korea o Australia o Japan o Government o Government: US o Government: UK o Government: AU o Government: Asia o Deals o Newsletters o Galleries o Videos o Reviews o Blogs * * Trending + Presidents Day deals + Top tablets: iPad isn't your only option + Best Tax Software + Best iPhone deals + Best home battery backup + Great 3D printers for under $500 + Best VPN Services + Windows 11 + Best Web Hosting + Cloud + Innovation + Working from Home + ZDNet Recommends + ZDNet Academy * Technology + Hardware + Laptops + Tablets + Storage + Processors + Software & Services + Operating Systems + Business Management Software + Mobility + 5G + Smartphones + Innovation + Cloud + Artificial Intelligence + Big Data + AR & VR + Robotics See all Technology * Security + Cyber Threats + VPN + Password Manager See all Security * Business + Tech Industry + Tech & Work + Developer + Data Management + Legal + Companies + Amazon + Google + Apple + Microsoft + Samsung + E-Commerce + Enterprise Software + SMBs + Executive Guides + Events See all Business * Finance + Credit Cards + Banking + Taxes + Blockchain See all Finance * Education + Business & Management + Computers & Tech + Bootcamps + MBA See all Education * Home & Office + Networking + Broadband + Mobile Carries + Home Networking + Smart Office + Office Furniture + Office Hardware & Appliances + Smart Home + Home Security + Home Entertainment + Speakers + Kitchen & Household See all Home & Office * More + International + China + EU + United Kingdom + New Zealand + India + + Singapore + Korea + Australia + Japan + Government + Government: US + Government: UK + Government: AU + Government: Asia + Deals + Newsletters + Galleries + Videos + Reviews + Blogs See all Topics * * + Asia + Australia + Europe + India + United Kingdom + United States + ZDNet France + ZDNet Germany + ZDNet Korea + ZDNet Japan * What are you looking for? [ ] Go * Join / Log In * Account + Preferences + Community + Newsletters + Log Out Multiple vulnerabilities found in Snap-confine function on Linux systems According to Qualys, one of the vulnerabilities can be exploited to escalate privilege to gain root privileges. * * * * * * Jonathan Greig Written by Jonathan Greig, Staff Writer Jonathan Greig Jonathan Greig Staff Writer Jonathan Greig is a journalist based in New York City. Full Bio on February 17, 2022 | Topic: Security Qualys' security researchers have discovered several vulnerabilities affecting Canonical's Snap software packaging and deployment system. Linux * Dangerous Linux vulnerability discovered after 12 years * Linux Foundation launches Open Source Software Development, Linux, and Git certification * The best Linux distros for beginners * How to become a Linux pro In a blog post, Qualys director of vulnerability and threat research, Bharat Jogi, explained that they found multiple vulnerabilities in the snap-confine function on Linux operating systems, "the most important of which can be exploited to escalate privilege to gain root privileges." Jogi added that Snap was developed by Canonical for operating systems that use the Linux kernel. "The packages called snaps, and the tool for using them, snapd, work across a range of Linux distributions and allow upstream software developers to distribute their applications directly to users. Snaps are self-contained applications running in a sandbox with mediated access to the host system. Snap-confine is a program used internally by snapd to construct the execution environment for snap applications," Jogi said, noting that the main issue was CVE-2021-44731. "Successful exploitation of this vulnerability allows any unprivileged user to gain root privileges on the vulnerable host. Qualys security researchers have been able to independently verify the vulnerability, develop an exploit, and obtain full root privileges on default installations of Ubuntu." After discovering the vulnerabilities and sending an advisory to Ubuntu in October, the Qualys Research Team worked with Canonical, Red Hat and others to address the issue. In a statement to ZDNet, Ubuntu publisher Canonical said throughout the development of the snap platform, they tried to ensure that the subsystems it depends on are used safely. They noted that thanks to automatic refreshes, most snap-distributed platform installations in the world have already been fixed via updates. In addition to CVE-2021-44731, Qualys discovered six other vulnerabilities. They provided a detailed breakdown of each issue and urged all users to patch as soon as possible. screen-shot-2022-02-17-at-6-47-08-pm.png screen-shot-2022-02-17-at-6-47-08-pm.png Qualys "Unfortunately, such a modern confinement platform involves many subsystems, and sometimes we make mistakes. Thankfully, Canonical and Ubuntu are part of a large community that includes competent security researchers. Recently, Qualys informed us that one of the tools a part of the snap platform contains a security issue. In their words: Discovering and exploiting a vulnerability in snap-confine has been extremely challenging (especially in a default installation of Ubuntu), because snap-confine uses a very defensive programming style, AppArmor profiles, seccomp filters, mount namespaces, and two Go helper programs," a Canonical spokesperson said. "As always, we are thankful to the great community we are part of, for finding and disclosing such security issues responsibly. We are also grateful to the professionals in our security and snap platform teams who acted quickly to mitigate the vulnerability and to the professionals in other organizations who worked timely on the respective issues disclosed. Updates for other packaging systems are also available and rolling out." There are no mitigations for CVE-2021-44731, and Jogi noted that while the vulnerability is not remotely exploitable, an attacker can log in as any unprivileged user. The vulnerability can be quickly exploited to gain root privileges. Vulcan Cyber engineer Mike Parkin said Snap has become reasonably widespread in the Linux world, with a number of major vendors distributing packages using it. While any exploit that can give root access is problematic, being a local exploit somewhat reduces the risk; Parkin added that patching vulnerable systems should be a priority. "This is both very widespread and also very dangerous, given that it enables a cybercriminal to escalate their privileges to gain root access. With that access threat, actors can distribute malware, plant deepfakes, move laterally within corporate networks, and many other forms of being compromised," said Viakoo CEO Bud Broomhead. "Linux is widely used as the embedded operating system for IoT devices, which typically there are 5-10X more of than traditional IT devices in an organization. Currently, there is no mitigation for this vulnerability, but it will likely remain exploitable for some time when one becomes available. Unlike IT systems, IoT devices often lack automated methods of remediating vulnerabilities, giving the potential for this vulnerability to be present for a long time." Security * More companies are using multi-factor authentication. Hackers are trying to beat it * Microsoft: This Mac malware is getting smarter and more dangerous * How to find and remove spyware from your phone * The best antivirus software and apps: Keep your PC, phone, tablet safe * How tech is a weapon in modern domestic abuse Linux | Security TV | Data Management | CXO | Data Centers Show Comments LOG IN TO COMMENT * My Profile * Log Out | Community Guidelines Join Discussion for: Multiple vulnerabilities found in Snap-confine... Add Your Comment Add Your Comment Related * * * * * * Moxa customers urged to patch five vulnerabilities found in MXview network management software * Best Linux distros for beginners 2022: You can do this! * Microsoft, Oracle, Apache and Apple vulnerabilities added to CISA catalog * Linux developers patch security holes faster than anyone else, says Google Project Zero * APAC firms need to build trust, brace for more third-party attacks * Best Raspberry Pi alternative 2022: Top SBCs * Best free tax software 2022: Free filing options * Best tax software 2022: Professional tax preparation * Best tax preparation service 2022: Prepare your taxes Please review our terms of service to complete your newsletter subscription. [ ] You agree to receive updates, promotions, and alerts from ZDNet.com. You may unsubscribe at any time. By joining ZDNet, you agree to our Terms of Use and Privacy Policy. [ ] You agree to receive updates, promotions, and alerts from ZDNet.com. You may unsubscribe at any time. By signing up, you agree to receive the selected newsletter(s) which you may unsubscribe from at any time. You also agree to the Terms of Use and acknowledge the data collection and usage practices outlined in our Privacy Policy. Continue Newsletters See All See All ZDNet Connect with us (c) 2022 ZDNET, A RED VENTURES COMPANY. ALL RIGHTS RESERVED. Privacy Policy | Cookie Settings | Advertise | Terms of Use * Topics * Galleries * Videos * Sponsored Narratives * Do Not Sell My Information * About ZDNet * Meet The Team * All Authors * RSS Feeds * Site Map * Reprint Policy * Manage | Log Out * Join | Log In * Membership * Newsletters * Site Assistance * ZDNet Academy