Canonical Patches Dirty Sock Vulnerability Affecting Ubuntu, Other Linux Distros
Canonical this week rolled out an update for the Snapd daemon in order to resolve a vulnerability called Dirty Sock which allowed hackers to gain root access on Ubuntu and other Linux distros.
The security flaw, tracked as CVE-2019-7304, was discovered by researcher Chris Moberly of The Missing Link, who explained in a technical analysis that Snapd versions 2.28 through 2.37 are all affected.
Moberly says that the local privilege escalation vulnerability was reported to Canonical, the makers of both Ubuntu and Snapd, in late January. The patch was published this week by Canonical as Snapd 2.37.1, alongside security updates for Ubuntu and other Linux distros, including Fedora, Arch Linux, and Debian.
The researcher notes that the Snapd daemon, which is being used on m… (read more)