4 matches found
EUVD-2026-23862
An improper access control vulnerability in the canonical-livepatch snap client prior to version 10.15.0 allows a local unprivileged user to obtain a sensitive, root-level authentication token by sending an unauthenticated request to the livepatchd.sock Unix domain socket. This vulnerability is...
CVE-2026-6369 Exposed Session Token in canonical-livepatch client snap
An improper access control vulnerability in the canonical-livepatch snap client prior to version 10.15.0 allows a local unprivileged user to obtain a sensitive, root-level authentication token by sending an unauthenticated request to the livepatchd.sock Unix domain socket. This vulnerability is...
CVE-2026-6369
The CVE-2026-6369 entry concerns the canonical-livepatch snap client, affected before version 10.15.0. A local unprivileged user can exploit an improper access control by sending an unauthenticated request to the livepatchd.sock Unix domain socket to obtain a sensitive, root-level authentication ...
USN-7063-1 ubuntu-advantage-desktop-daemon vulnerability
Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon leaked the Pro token to unprivileged users by passing the token as an argument in plaintext. An attacker could use this issue to gain unauthorized access to an Ubuntu Pro subscription. CVE-2024-6388...