A vulnerability was found in the software deployment and package management system called snapd which is used by several Linux distributions. This vulnerability can lead to privilege escalation on affected systems by abusing the application programming interfaces (APIs) of snapd. A local attacker may leverage this vulnerability in the affected systems to gain root privileges.
The following is only a sample list of Linux systems that are affected. The list is not exhaustive and it is strongly recommended to consult the product vendors if the used Linux systems are affected.
Successful exploitation could lead to elevation of privilege of a vulnerable system.
The vulnerability is fixed in some of the Linux distributions such as Ubuntu and Debian. System administrators should check with their product vendors to confirm if their Linux systems are affected and the availability of patches, and if so, apply the patches or follow the recommendations provided by the product vendors to mitigate the risk.
https://securityaffairs.co/wordpress/81059/hacking/snapd-privilege-escalation.html
https://thehackernews.com/2019/02/snapd-linux-privilege-escalation.html
https://www.hkcert.org/my_url/en/alert/19021401
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7304