Description
snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location can cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1.
| Release | Status | Note |
|---|---|---|
| bionic | released | 2.54.3+18.04 |
| devel | released | 2.54.3+22.04.1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was released [2.54.3+14.04~esm1] |
| esm-infra/bionic | released | 2.54.3+18.04 |
| esm-infra/focal | released | 2.54.3+20.04.1 |
| esm-infra/xenial | released | 2.54.3+16.04~esm2 |
| focal | released | 2.54.3+20.04.1 |
| hirsute | ignored | end of life |
| impish | released | 2.54.3+21.10.1 |
| snap | released | 2.54.3 |
EPSS
CVSS2: 6.9 Medium
CVSS3: 7.8 High
Related vulnerabilities
snapd 2.54.2 did not properly validate the location of the snap-confin ...
A vulnerability in snapd, the utility for managing self-contained packages, related to hard link errors, allowing an attacker to escalate privileges