Root privileges through a vulnerability in the Snap software distribution system

Vulnerabilities in the software provision Snap enable attackers, among other things, to extend their rights in the system. Updates fix the bugs.

 Root rights through vulnerability in software distribution system Snap

Vulnerabilities in the software distribution system Snap could be exploited by attackers, to gain root privileges in the system – for example in the standard configuration of Ubuntu on the desktop. With Snap, users can install specially prepared software packages that are more up-to-date than the native versions from the distribution’s own package sources. To do this, Snap provides an environment with runtime libraries and separation layers so that such software packages cannot damage the system.

Attackers could use inject arbitrary AppArmor rules into prepared content interface and layout declarations in Snap bundles and thereby break out of Snap’s rights restrictions (CVE-2021-4120, CVSS 8.2, risk high strong>). Also, they could gain root privileges by hard linking the snap-confine executable to any binary, as the snap service does not correctly check where this file is started from (CVE-2021-44730, CVSS < strong>7.8, high). The same impact was possible through a so-called race condition in snap-confine if attackers included their own content there when preparing a private mount namespace through snap (CVE-2021-44731, CVSS 7.8, high).

Another low-risk vulnerability was that older Snap versions did not set the access rights to the ~/snap directory restrictively enough, so that unauthorized persons could read information (CVE-2021-3155, CVSS 3.8, low). In a security advisory, Qualys, an IT security company, describes in great detail how the researchers found the two escalation loopholes and developed a proof-of-concept exploit for them.

The bugs can be found in Snap before the current version 2.54.3. Ubuntu has listed the updated packages for the different distribution versions in a security advisory. Since Snap is also offered by many other distributions, Linux users should use their package manager to check for software updates and download and install them quickly.

Rate article
Leave a Reply