A New Linux Flaw Can Be Chained with Other Two Bugs to Gain Full Root Privileges
1 min read
Dec 14, 2022
Qualys researchers demonstrated how to chain a new Linux flaw with two other two issues to gain full root privileges on an impacted system.
Researchers at the Qualys’ Threat Research Unit demonstrated how to chain a new Linux vulnerability, tracked as CVE-2022-3328, with two other flaws to gain full root privileges on an affected system.
The vulnerability resides in the snap-confine function on Linux operating systems, a SUID-root program installed by default on Ubuntu.
The snap-confine is used internally by snapd to construct the execution environment for snap applications, an internal tool for confining snappy applications.
Related Articles
1 - 0 min read
RunC Container Escape Flaws Grant Attackers Host Access
1 - 0 min read
Critical Glibc Flaws Put Major Linux Distros at Risk
1 - 0 min read
Hackers' Backdoor: Warning of New Linux Kernel Vulnerability
