ALT-PU-2022-1765-1

BDU:2022-01444

HIGH8.8

Уязвимость утилиты для управления самодостаточными пакетами snapd, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю повысить свои привилегии в системе и выполнить произвольный код

Published: 2022-03-25Modified: 2024-09-13

CVSS 3.xHIGH 8.8

CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CVSS 2.0MEDIUM 6.8

CVSS:2.0/AV:L/AC:L/Au:S/C:C/I:C/A:C

References

CVE-2021-4120

BDU:2022-01445

HIGH8.8

Уязвимость утилиты для управления самодостаточными пакетами snapd, связанная с ошибками выполнения многопоточных задач, позволяющая нарушителю выполнить произвольный код с привилегиями root

Published: 2022-03-25Modified: 2024-09-13

CVSS 3.xHIGH 8.8

CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CVSS 2.0MEDIUM 6.8

CVSS:2.0/AV:L/AC:L/Au:S/C:C/I:C/A:C

References

CVE-2021-44731

BDU:2022-01460

HIGH8.8

Уязвимость утилиты для управления самодостаточными пакетами snapd, связанная с ошибками жестких ссылок, позволяющая нарушителю повысить свои привилегии

Published: 2022-03-25

CVSS 3.xHIGH 8.8

CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2021-44730

CVE-2021-3155

MEDIUM5.5

snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions. This could allow a local attacker to read information that should have been private. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1

Published: 2022-02-17Modified: 2024-11-21

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References

CVE-2021-4120

HIGH7.8

snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1

Published: 2022-02-17Modified: 2024-11-21

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2021-44730

HIGH8.8

snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1

Published: 2022-02-17Modified: 2024-11-21

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 8.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References

CVE-2021-44731

HIGH7.8

A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitrary code and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1

Published: 2022-02-17Modified: 2024-11-21

CVSS 2.0MEDIUM 6.9

CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

References

Package update snapd in branch p10

Closed issues (7)

Уязвимость утилиты для управления самодостаточными пакетами snapd, связанная с ошибками жестких ссылок, позволяющая нарушителю повысить свои привилегии

snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions. This could allow a local attacker to read information that should have been private. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1

Closed bugs (1)

Не появляются приложения в меню