Snapd vulnerability allows privilege escalation on Linux systems

Various Linux distributions might be affected by this security issue

A critical privilege-escalation vulnerability could grant attackers total
control of a compromised system. According to network security and ethical
hacking specialists from the International Institute of Cyber Security, users
of Ubuntu and some other Linux distributions could be impacted.

The vulnerability is tracked as CVE-2019-7304 and was discovered by a network
security expert, who was responsible for notifying Canonical, the Ubuntu
developers. Nicknamed “Dirty_Sock”, it resides in the REST API of the SNAPD
service, a universal packaging system for Linux that makes an application
compatible with various distributions without further modification.

The SNAPD service was developed by Canonical and is installed by default in
Ubuntu; it is also used by other Linux distributions, such as Debian, OpenSUSE,
Arch Linux and Fedora.

According to network security specialists, snap packages are compressed
applications bundled with their dependencies; they also include instructions on
how to run and interact with other programs on various Linux desktop systems,
IoT and cloud-hosted devices.

Snap locally hosts a web server that provides a list of RESTful APIs, which help
the service perform multiple actions on the operating system. These REST APIs
apply access control to define user-level permissions for certain tasks, while
some other APIs are only available to root users.

An error in the access control process allows attackers to overwrite the user
ID and access any API function, including those that are restricted to root
users. “A local attacker could use this to access the privileged APIs and
obtain administrator privileges”, states an Ubuntu security alert.

It is worth noting that the Dirty_Sock vulnerability is not exploitable
remotely.

Vulnerability-discovery experts released two proof-of-concept exploits on
GitHub. One of the exploits requires an SSH connection, while the second is
able to download a malicious plugin.

Canonical has just released SNAPD 2.37.1 to correct this security flaw. Ubuntu
and other widely used Linux distributions have also released their own versions
of the fix.

Linux distribution users must update their
systems as soon as possible to avoid any risk of exploitation.
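
A version triage for the update described above, as an added example (not code from Canonical or from the original article): it classifies a snapd version string against the 2.37.1 release named here. The function names and the "check-advisory" category for distribution-specific builds are assumptions of this example, and the sample strings in the comments are constructed.

```shell
#!/bin/sh
# Added example: triage a snapd version string against the fixed upstream
# release named in the article. Function names are this example's own.

FIXED_UPSTREAM="2.37.1"

# Return 0 when dotted version $1 >= $2, comparing field by field as numbers
# (so 2.10 is newer than 2.9, which a plain string comparison gets wrong).
version_ge() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ "${x:-0}" -gt "${y:-0}" ] && return 0
        [ "${x:-0}" -lt "${y:-0}" ] && return 1
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 0
}

# Classify a version string (constructed samples: 2.36.3, 2.35+distro1).
#   patched         upstream part is at or above the fixed release
#   check-advisory  older upstream part with a distro suffix: the fix may be
#                   backported, so confirm against the vendor's advisory
#   vulnerable      plain upstream version below the fixed release
#   unknown         no leading version number (e.g. daemon not reachable)
classify_snapd() {
    full=$1
    up=${full%%[!0-9.]*}    # keep only the leading digits-and-dots part
    if [ -z "$up" ]; then
        echo unknown
    elif version_ge "$up" "$FIXED_UPSTREAM"; then
        echo patched
    elif [ "$up" != "$full" ]; then
        echo check-advisory
    else
        echo vulnerable
    fi
}

# On a host with snapd installed, classify the version the daemon reports.
if command -v snap >/dev/null 2>&1; then
    installed=$(snap version | awk '$1 == "snapd" { print $2 }')
    echo "snapd $installed: $(classify_snapd "$installed")"
fi
```

A "check-advisory" result is not a verdict: distributions that shipped their own corrected builds may carry the fix under an older upstream number, so the package version has to be matched against that distribution's security notice.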
