There is nothing worse than malicious code gaining root privileges, because it gives it complete and absolute control over the system.

Ubuntu Linux users are at just that risk, according to cybersecurity firm Qualys, as reported in a blog post from the company, written by its Director of Vulnerability and Threat Research. Qualys notes that it has discovered two flaws in Ubuntu Linux that could allow root access by malicious software packages.

The flaws are in a widely used package manager for Ubuntu Linux called Snap, which puts approximately 40 million users at risk, as the software is included by default on Ubuntu Linux and many other major Linux distributors. Snap, developed by Canonical, allows the packaging and distribution of self-contained applications called "snaps" that run in contained containers.

Any vulnerabilities that escape these containers are considered extremely severe. Therefore, both privilege escalation bugs are rated as high severity threats. These vulnerabilities allow a user with low privileges to execute malicious code as root, which is the highest administrative account on Linux.