Researchers at Aqua Security say they’ve identified a security flaw in the way Ubuntu’s “command not found” feature works, which attackers could exploit to trick users into installing malicious snaps.

In a blog post detailing the findings, researcher Ilay Goldman concludes that “the risk of attackers exploiting the ‘command-not-found’ utility to recommend their own malicious snap packages is a pressing concern”.

“The true peril lies in the potential scope of this issue, with attackers capable of mimicking thousands of commands from widely-used packages,” he adds, noting that past instances of malicious packages appearing in the Snap Store highlight this issue.

What’s the issue in question, how dangerous is it, and is it something Ubuntu users should be worried about?

Package Suggestions can be Gamed

Can this helpful feature be exploited? Security bods say yes

When you try to run a command for a package you don’t have installed, Ubuntu will show a “command not found” error.

But, in an effort to help, it also suggests the package(s) needed to run the missing command.

Suggestions are shown for relevant DEB packages available to install from the Ubuntu repos (queried against a local database) and snap packages (queried from a database on the Snap Store that gets updated often so new apps appear as recommendations).

And it’s this helpful feature security researchers say is open for manipulation by bad actors (and I don’t mean the Tommy Wiseau kind) using snap apps.

To prove the viability of this attack vector, Aqua Nautilus performed a few experiments.

In one example, they ran jupyter-notebook on a fresh Ubuntu install and, as it’s not preinstalled, the command-not-found feature did its job: it said ‘not found’, recommended the relevant package, and showed how to install it using apt.

So far so good.

But as this particular package didn’t return a snap suggestion — the feature will show both DEB and Snaps if they exist — they figured that the namespace hadn’t been registered on the Snap Store.

So the researchers registered it, filled in the details, and uploaded a (dummy) app ‘impersonating’ the real one. Sure enough, command-not-found began recommending their pretend package — even before the legit one:

One of these isn’t what it seems, but could you tell?

In the example above the fake snap was given a higher version number and so is shown before the real APT package – which could easily mislead users into thinking the first one is the “preferred” option.

And that is the crux of the issue.

Shady folks can game the recommendation system easily, manipulating this innocuous, user-friendly feature to push scummy snap package suggestions to users. All they have to do is upload a snap that pretends to be something people want, and command-not-found will do the rest.

Worse, Aqua Nautilus say 26% of commands associated with APT packages are vulnerable to ill-intentioned impersonation, and they tried other ways (exploiting aliases, typo-squatting, etc.) rogues can game the system to get their fake packages recommended to users alongside (and even ahead of) real ones.

Which is all kinds of worrying.

Is this actually an issue?

The good news is that, for now, this exploit is theoretical (albeit tested). No-one has yet reported being duped through the CNF mechanism, and there are no signs any snap malware is out there actively exploiting this loophole — so that’s good.

Plus, it will be easy for Canonical to remedy the issue with mitigations on their end – perhaps restricting snap suggestions surfaced through this feature to those uploaded by verified developers only?

On Ubuntu desktop the CNF feature isn’t (I assume) as widely used as it is on server and headless setups, such as WSL, where CLI is the default. This is good: few desktop users are likely to be tricked. It’s also bad: servers, IoT, etc are “critical” infrastructure…

As always, we users should shoulder some of the burden. When we install anything from any source we need to pay attention to typos, check that what we’re installing is what it claims to be, and check that it is packaged by a trustworthy source.
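One concrete way to do that last check, as an added example that is not part of the article or of Aqua’s research: before acting on a snap suggestion, look at the publisher line that `snap info` prints. The Snap Store marks verified publishers with a trailing ✓ and starred publishers with ✪; a bare name means neither. The `snap info` outputs embedded below are constructed samples so the function can be exercised without a Snap Store connection; the `check_snap` helper is the live-system version of the same check.

```shell
#!/bin/sh
# Added example: inspect a snap's publisher status before installing a
# command-not-found suggestion. Not code from the article or from Aqua.

# Constructed sample `snap info` outputs (not captured from a real system).
SAMPLE_VERIFIED='name:      firefox
summary:   Mozilla Firefox web browser
publisher: Mozilla✓
store-url: https://snapcraft.io/firefox'

SAMPLE_UNVERIFIED='name:      jupyter-notebook
summary:   Jupyter Notebook
publisher: some-developer
store-url: https://snapcraft.io/jupyter-notebook'

# publisher_status INFO_TEXT -> prints "verified", "starred" or "unverified"
# by reading the "publisher:" line and looking for the Store's trailing marks.
publisher_status() {
    pub=$(printf '%s\n' "$1" | sed -n 's/^publisher:[[:space:]]*//p' | head -n 1)
    case "$pub" in
        *✓) echo verified ;;
        *✪) echo starred ;;
        *)  echo unverified ;;
    esac
}

# check_snap NAME -> queries the live Snap Store via `snap info` and fails
# (non-zero exit) when the publisher is neither verified nor starred.
check_snap() {
    info=$(snap info "$1" 2>/dev/null) || { echo "no such snap: $1"; return 1; }
    status=$(publisher_status "$info")
    echo "$1: publisher is $status"
    [ "$status" != unverified ]
}

# Offline demonstration against the constructed samples.
echo "firefox sample: $(publisher_status "$SAMPLE_VERIFIED")"
echo "jupyter-notebook sample: $(publisher_status "$SAMPLE_UNVERIFIED")"
```

An unverified publisher is not proof of malice, but it is exactly the signal that command-not-found’s suggestion line does not show you, so it is worth a look before copying the `sudo snap install` line it prints.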

Interested in learning more? Head over to the Aqua blog post to read the report in full.

They provide details on how ‘command-not-found’ works, how it determines relevancy for its suggestions, and how attackers can use snap packages to do creepy things even when strict confinement is enabled and manual review isn’t triggered.

Food for thought!