A security researcher published today proof-of-concept (PoC) code for a vulnerability primarily impacting Ubuntu, but also other Linux distros. The actual vulnerability isn't in the Ubuntu operating system itself, but in the Snapd daemon that's included by default with all recent Ubuntu versions, but also with some other Linux distros. Snapd is the daemon that manages "snaps," a new app packaging format developed and used by Canonical for Ubuntu apps since 2014. Moberly says that Snapd exposes a local REST API server that snap packages (and the official Ubuntu Snap Store) interact with during the installation of new apps (snaps). Moberly reported the issue to Canonical, Snapd's developer, who released Snapd version 2.37.1 this week to address the issue. At the same time, Canonical also released security updates for the Ubuntu Linux OS, for which the Snapd package was initially developed and where it's included and enabled by default.