The security vulnerability was discovered by Max Justicz in the APT package, the high-level package manager used by the Debian GNU/Linux and Ubuntu operating systems, as well as any other derivative, official or unofficial, such as Kubuntu, Lubuntu, Xubuntu, Ubuntu MATE, and even the popular Linux Mint. The issue could allow a remote attacker to trick APT into installing malicious packages that pose as valid ones, but which could be used for code execution with administrative (root) privileges after installation to gain control of the vulnerable machine. More details are available for further reading at CVE-2019-3462.
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis