With the recent release of Ubuntu 24.04, we at Snyk Security Labs thought it would be interesting to examine the latest version of this Linux distribution to see if we could find any interesting privilege escalation vulnerabilities.

…

During our research, we successfully identified a privilege escalation from the default user on a fresh Ubuntu Desktop installation to root. To achieve this, we chained one small bug in a privileged component together with a number of features, which all work as expected, to achieve arbitrary command execution as root.

This blog post will outline the journey of our research, discuss how we identified these vulnerabilities, and, we hope, show that you can keep it simple when it comes to exploitation and achieve the same results without needing a very complex (although extremely cool) kernel memory corruption vulnerability, for example.