Описание
The setup_snappy_os_mounts function in the ubuntu-core-launcher package before 1.0.27.1 improperly determines the mount point of bind mounts when using snaps, which might allow remote attackers to obtain sensitive information or gain privileges via a snap with a name starting with "ubuntu-core."
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.0.28 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/xenial | released | 1.0.27.1 |
| precise | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | pending | |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | not-affected | code not present |
| wily | not-affected | code not present |
Показывать по
10 Critical
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
The setup_snappy_os_mounts function in the ubuntu-core-launcher package before 1.0.27.1 improperly determines the mount point of bind mounts when using snaps, which might allow remote attackers to obtain sensitive information or gain privileges via a snap with a name starting with "ubuntu-core."
The setup_snappy_os_mounts function in the ubuntu-core-launcher package before 1.0.27.1 improperly determines the mount point of bind mounts when using snaps, which might allow remote attackers to obtain sensitive information or gain privileges via a snap with a name starting with "ubuntu-core."
10 Critical
CVSS2
9.8 Critical
CVSS3