Severe vulnerability detected in Ubuntu

A number of quite serious vulnerabilities have been detected today in the Ubuntu operating system: a security hole that allows code to be executed with administrator privileges, which can let an unwanted user run malicious code on your computer.

The vulnerability was detected by Donncha O'Cearbhaill, an Irish security expert who has even made a video about the vulnerability, which you can see at the top of this post.

Specifically, the attack relies on a vulnerability in Apport, the program that reports errors in Ubuntu. Apport generates a file with the extension .crash, which can be used to run Python code with root privileges by exploiting another vulnerability in the PolicyKit program, with all that that entails.

This occurs because the Apport program did not clean up the .crash files and left them in place, which allowed any attacker to execute code with administrator privileges.

This is a big problem for people with Ubuntu operating systems, since this vulnerability is present from Ubuntu 12.10 onwards. Furthermore, the failure has been reported in some Ubuntu-based operating systems, such as the famous Linux Mint.

Imagine the problem this poses for a server running Ubuntu, which may host confidential information belonging to large companies. Imagine that someone gets into these servers with root privileges, copies the confidential files of the company's projects and then sells them to the highest bidder. It would certainly be a scandal.

That said, Canonical has, as always, been very fast and has already patched the vulnerability. For this reason, if you run Ubuntu or an operating system based on it, it is urgent to update with the usual commands (apt-get update and apt-get upgrade) to be safe again.



  1.   fernan said

    Hello:
    Same for companies better Debian than Ubuntu.
    Greetings.