[Vulnerability Alert] Local Privilege Escalation Vulnerability of Ubuntu Snap

2019-02-19 10:16:50
Dear user

JD Cloud Security Team has recently detected a publicly disclosed local privilege escalation vulnerability (vulnerability No.: CVE-2019-7304) in the package management software of Ubuntu (the Snap component). Attackers can use the vulnerability to escalate from a local normal user to root privilege. (JD Cloud images are not affected by this vulnerability.)

JD Cloud Security Team suggests that you carry out a self-inspection promptly. If you are within the affected scope, please update and fix in time to avoid intrusion by external attackers.

[Vulnerability Details]

This vulnerability allows a normal user to masquerade as the root user when sending requests to the REST API provided by snapd. Attackers use an elaborately constructed installation script or Ubuntu SSO to give a normal user without sudo privilege the ability to execute sudo, thereby gaining root privilege and achieving local privilege escalation.

[Risk Level]

Medium Risk

[Affected Version]

Snap versions 2.28 to 2.37.

Snap is installed on some Ubuntu versions. The following versions are currently known to be affected:

Ubuntu 18.04 LTS

Ubuntu 16.04 LTS

Ubuntu 14.04 LTS

[Troubleshooting]

Run the "snap version" or "snap --version" command and check whether the current version is 2.37.1 or above; those versions are not affected.
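As an added defender-side check that is not part of this advisory, the following POSIX shell script parses "snap version" output and reports whether the snapd version lies in the affected range (2.28 up to, but not including, the fixed release 2.37.1). The sample output embedded in it is constructed; on a live host pipe the real "snap version" output into classify_snap_output instead.

```shell
#!/bin/sh
# Added example, not the advisory's own tooling: classify a snapd version
# against the affected range 2.28 <= version < 2.37.1.

# Compare two dotted version strings; prints -1, 0 or 1.
# Distro suffixes such as "2.37.1+18.04" are dropped before comparing.
vercmp() {
  va=${1%%[!0-9.]*}; vb=${2%%[!0-9.]*}
  while [ -n "$va" ] || [ -n "$vb" ]; do
    ca=${va%%.*}; cb=${vb%%.*}          # leading component of each side
    if [ "$ca" = "$va" ]; then va=""; else va=${va#*.}; fi
    if [ "$cb" = "$vb" ]; then vb=""; else vb=${vb#*.}; fi
    ca=${ca:-0}; cb=${cb:-0}            # a missing component counts as 0
    if [ "$ca" -lt "$cb" ]; then printf '%s\n' -1; return; fi
    if [ "$ca" -gt "$cb" ]; then printf '%s\n' 1; return; fi
  done
  printf '%s\n' 0
}

# Exit status 0 when the version is in the vulnerable range, 1 otherwise.
is_affected() {
  [ "$(vercmp "$1" 2.28)" -ge 0 ] && [ "$(vercmp "$1" 2.37.1)" -lt 0 ]
}

# Read "snap version" output on stdin and print a one-line verdict.
classify_snap_output() {
  ver=$(awk '$1 == "snapd" { print $2; exit }')
  if [ -z "$ver" ]; then printf '%s\n' "UNKNOWN (no snapd line)"; return; fi
  if is_affected "$ver"; then
    printf '%s\n' "AFFECTED $ver"
  else
    printf '%s\n' "PATCHED $ver"
  fi
}

# Constructed sample of "snap version" output from an unpatched host.
SAMPLE_OUTPUT='snap    2.37
snapd   2.37
series  16
ubuntu  18.04
kernel  4.15.0-45-generic'

# On a live host use:  snap version | classify_snap_output
printf '%s\n' "$SAMPLE_OUTPUT" | classify_snap_output
```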

[Fix Recommendation]

At present, the details of the vulnerability have been publicly disclosed and the vendor has fixed it in version 2.37.1. Ubuntu users can upgrade snap to the new version to fix it by running apt update && apt-get install snap.

Reference Link:

[1] Official Announcement: https://usn.ubuntu.com/3887-1/

[2] Vulnerability Details: https://shenaniganslabs.io/2019/02/13/Dirty-Sock.html

JD Cloud Security Team
