A race condition in snapd 2.54.2 snap-confine binary allows local attacker to gain root privileges by bind-mounting their own contents inside snap's private mount namespace and causing snap-confine to execute arbitrary code
Reporter | Title | Published | Views | Family All 44 |
---|---|---|---|---|
OSV | CVE-2021-44731 | 17 Feb 202223:15 | β | osv |
OSV | snapd - security update | 18 Feb 202200:00 | β | osv |
OSV | snapd vulnerabilities | 17 Feb 202217:24 | β | osv |
OSV | snapd regression | 24 Feb 202213:23 | β | osv |
OSV | snapd vulnerabilities | 18 Feb 202201:07 | β | osv |
OSV | snapd vulnerabilities | 18 Feb 202202:21 | β | osv |
Cvelist | CVE-2021-44731 snapd could be made to escalate privileges and run programs as administrator | 17 Feb 202200:00 | β | cvelist |
Hive Pro Threat Advisories | Privilege Escalation Vulnerability in Snap Package Manager puts Linux users at risk | 21 Feb 202204:34 | β | hivepro |
Debian CVE | CVE-2021-44731 | 17 Feb 202223:15 | β | debiancve |
CNVD | snapd competition condition issue vulnerability | 18 Feb 202200:00 | β | cnvd |
[
{
"vendor": "Canonical Ltd.",
"product": "snapd",
"versions": [
{
"version": "unspecified",
"lessThanOrEqual": "2.54.2",
"status": "affected",
"versionType": "custom"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo