Tech Junky
Part of the Furniture
New Linux Privilege Escalation Flaw Uncovered in Snap Package Manager
New Linux vulnerabilities in Canonical's Snap for software packaging system can be exploited to gain root privileges.
thehackernews.com
Additionally discovered by the cybersecurity firm are six other flaws –
- CVE-2021-3995 – Unauthorized unmount in util-linux's libmount
- CVE-2021-3996 – Unauthorized unmount in util-linux's libmount
- CVE-2021-3997 – Uncontrolled recursion in systemd's systemd-tmpfiles
- CVE-2021-3998 – Unexpected return value from glibc's realpath()
- CVE-2021-3999 – Off-by-one buffer overflow/underflow in glibc's getcwd()
- CVE-2021-44730 – Hardlink attack in snap-confine's sc_open_snapd_tool()