13 matches found
EUVD-2019-16847
Malware in sbrugna...
Exploit for Race Condition in Canonical Snapd
CVE-2021-44731-snap-confine-SUID Local Privilege Escalation Ex...
Exploit for Incorrect Authorization in Canonical Snapd
dirtysock Local Privilege Escalation via snapd CVE-2019-7304...
CVE-2019-7304
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1...
Design/Logic Flaw
A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl2 commands on a 64-bit platform; however, the Linux kernel only uses the lower 32...
Function Call with Incorrectly Specified Arguments
Overview Affected versions of this package are vulnerable to Function Call with Incorrectly Specified Arguments. A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were...
Input validation
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1...
CVE-2019-7303
A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl2 commands on a 64-bit platform; however, the Linux kernel only uses the lower 32...
CVE-2019-7303 Snapd seccomp filter TIOCSTI ioctl bypass
A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl2 commands on a 64-bit platform; however, the Linux kernel only uses the lower 32...
CVE-2019-7304
CVE-2019-7304 affects Canonical snapd pre-2.37.1, where socket owner validation on the REST API Unix socket was insufficient, enabling local privilege escalation to root via snapd operations. The vulnerability is documented across multiple feeds (NVD, OSV, CVE listing) with CVSS v3.1 base score 9...
CVE-2019-7304 Local privilege escalation via snapd socket
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1...
CVE-2019-7303
A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl2 commands on a 64-bit platform; however, the Linux kernel only uses the lower 32...
CVE-2019-7304
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1...