Security News > 2019 > February > Snapd Flaw Lets Attackers Gain Root Access On Linux Systems
2019-02-13 15:48
Ubuntu and some other Linux distributions suffer from a severe privilege escalation vulnerability that could allow a local attacker or a malicious program to obtain root privileges and total control over the targeted system. Dubbed "Dirty_Sock" and identified as CVE-2019-7304, the vulnerability was discovered by security researcher Chris Moberly, who privately disclosed it to Canonical, the
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/D0CTaTQwPew/snapd-linux-privilege-escalation.html
Related news
- Critical Kubernetes Image Builder flaw gives SSH root access to VMs (source)
- Critical default credential in Kubernetes Image Builder allows SSH root access (source)
- Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk (source)
- Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-23 | CVE-2019-7304 | Incorrect Authorization vulnerability in Canonical Snapd Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. | 9.8 |