“Multiple security vulnerabilities have been disclosed in Canonical’s Snap software packaging and deployment system, the most critical of which can be exploited to escalate privilege to gain root privileges.
Snaps are self-contained application packages that are designed to work on operating systems that use the Linux kernel and can be installed using a tool called snapd.
Tracked as CVE-2021-44731, the issue concerns a privilege escalation flaw in the snap-confine function, a program used internally by snapd to construct the execution environment for snap applications. The shortcoming is rated 7.8 on the CVSS scoring system.”
The vulnerability was reported to the Ubuntu security team on October 27, 2021, following which patches were released on February 17 as part of a coordinated disclosure process.
To read the complete article see: https://thehackernews.com/2022/02/new-linux-privilege-escalation-flaw.html