A high-severity vulnerability has been identified in Canonical Multipass, a tool for managing virtual machine instances. This flaw could allow a local attacker to bypass security restrictions and gain full administrative control over the host system. Successful exploitation would lead to a complete compromise of the system's confidentiality, integrity, and availability.

The vulnerability is a local privilege escalation flaw within the Multipass daemon service. The service fails to properly sanitize user-supplied input when processing instance modification commands. A local, low-privileged attacker can craft a malicious command with specially formatted arguments that, when executed by the Multipass daemon running as root, will trigger arbitrary command execution with root-level privileges on the host operating system.

This vulnerability is rated as High severity with a CVSS score of 7.3. A successful exploit would grant an attacker full administrative control over the affected host system. This could lead to severe business consequences, including the theft or modification of sensitive data, deployment of ransomware, disruption of critical services hosted on the machine, and the ability to use the compromised system as a pivot point to attack other assets within the corporate network. The risk is particularly high in multi-user environments where non-administrative users have shell access to systems running Multipass.

Immediate Action: Apply the security updates provided by the vendor (Canonical) to all affected systems immediately. After patching, system administrators should verify that the update has been successfully installed and the service has been restarted to ensure the patch is active.

Proactive Monitoring: Security teams should monitor for signs of exploitation. This includes reviewing Multipass-specific logs for malformed or unusual commands, auditing system logs for unexpected processes spawned by the Multipass daemon (multipassd), and looking for unauthorized file modifications or new user account creation. Anomaly detection on command-line histories for low-privileged users may also reveal exploitation attempts.

Compensating Controls: If immediate patching is not feasible, implement compensating controls to reduce risk. Restrict shell access to systems running vulnerable versions of Multipass to only trusted administrative users. Additionally, utilize mandatory access control systems like AppArmor or SELinux to create a restrictive profile for the Multipass daemon, limiting its ability to access critical system files and execute arbitrary commands, thereby containing the impact of a potential exploit.

Public Exploit Available: false

Due to the high severity (CVSS 7.3) of this vulnerability and the significant impact of a successful local privilege escalation, we strongly recommend that organizations prioritize patching all systems running affected versions of Canonical Multipass. While there is no current evidence of active exploitation, the risk of a full system compromise warrants immediate action. The remediation plan should be executed as a high-priority task to prevent potential future exploitation and safeguard critical system assets.