Mrs. Christiana Kozakou, is the Head of Marketing at Odyssey Cybersecurity, where she leads and oversees strategic marketing efforts for Odyssey and ClearSkies brands around the globe. Her expertise lies in designing and coordinating 360-degree marketing campaigns and crafting effective marketing penetration strategies for exploring new markets. Mrs. Kozakou is a dynamic professional driven by her passion for unleashing potential in every endeavour, leading a team of creative marketers, working together towards one goal: to give voice to Odyssey and its people so the world can become a cyber safer place. Throughout her 10 years career, Mrs. Kozakou has served in key roles in Advertising, Business Development and Digital Marketing in International companies. A fervent believer in empowering women, she served as a dedicated volunteer for IWIB’s International Team, fostering growth and opportunities for aspiring leaders. Her educational background boasts a Master of Business Administration (MBA), Bachelor’s degrees in Marketing and Sociology.
New Privilege Escalation Flaw in Linux’s Snap Package Manager
Threat Level Description
Threat Level: High - An attack is highly likely. Additional and sustainable protective security measures reflecting the broad nature of the threat combined with specific business and geographical vulnerabilities and judgments on acceptable risk.
We have observed that a new privilege escalation vulnerability in Canonical’s Snap software packaging and deployment system, designed to work on operating systems that use the Linux kernel, has been identified.
A local unprivileged attacker, by exploiting this vulnerability, could gain root privileges on the vulnerable host.
Snap is used for Linux-based operating systems such as Ubuntu, and its packages are referred to as “snaps.” The snap platform “has been developed to bring secure application installations to Ubuntu and other Linux distributions. The tool for using snaps, is called “snapd” and works across a range of Linux distributions and allow upstream software developers to distribute their applications directly to users.
This vulnerability, tracked as CVE-2021-44731, concerns a privilege escalation flaw in the “snap-confine” function, a program used internally by “snapd” to construct the execution environment for snap applications.
A race condition in “snap-confine” exists when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap’s private mount namespace and causing snap-confine to execute arbitrary code.
Note that while the flaw isn’t remotely exploitable, an attacker that has logged in as an unprivileged user can “quickly” exploit the bug to gain root permissions.
A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitrary code and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1
You should immediately proceed and upgrade to the latest version of Canonical's Snap software packaging and deployment system. Furthermore, you should apply the relevant security patches/updates provided by the Linux OSs vendors.
You should understand the importance of security updates, and the urgency with which they should be applied, no matter how large or small your organization is. It is very important to apply an efficient patch management solution and always have enabled an active event security logging and practice event monitoring. To protect the valuable assets of your business and be compliant with the relevant industry regulations requires a comprehensive approach to the management of risk, including Penetration Testing at least annually and upon significant changes.