Security News > 2019 > February > Snapd Flaw Lets Attackers Gain Root Access On Linux Systems

Snapd Flaw Lets Attackers Gain Root Access On Linux Systems
2019-02-13 15:48

Ubuntu and some other Linux distributions suffer from a severe privilege escalation vulnerability that could allow a local attacker or a malicious program to obtain root privileges and total control over the targeted system. Dubbed "Dirty_Sock" and identified as CVE-2019-7304, the vulnerability was discovered by security researcher Chris Moberly, who privately disclosed it to Canonical, the


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/D0CTaTQwPew/snapd-linux-privilege-escalation.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-04-23 CVE-2019-7304 Incorrect Authorization vulnerability in Canonical Snapd
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root.
network
low complexity
canonical CWE-863
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 17 385 2368 1508 667 4928