15 matches found
Fedora 37 : snapd (2022-a425aea810)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-a425aea810 advisory. Update to the latest upstream release 2.57.6. Includes fixes for CVE 2022-3328 Tenable has extracted the preceding description block directly from the Fedora...
CVE-2022-3328
Race condition in snap-confine's mustmkdirandopenwithperms...
CVE-2022-3328
Race condition in snap-confine's mustmkdirandopenwithperms...
CVE-2022-3328
Race condition in snap-confine's mustmkdirandopenwithperms...
CVE-2022-3328
Race condition in snap-confine's mustmkdirandopenwithperms...
CVE-2022-3328
CVE-2022-3328 documents a race condition in snap-confine's must_mkdir_and_open_with_perms(), tied to snapd. Connected entries (GHSA-CJQF-877P-7M3F, OSV entries, Debian/Ubuntu advisories) describe a snapd race condition affecting components like snap-confine, with the core issue described as a rac...
CVE-2022-3328
Race condition in snap-confine's mustmkdirandopenwithperms...
Fedora 36 : snapd (2022-8268fa6877)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-8268fa6877 advisory. Update to the latest upstream release 2.57.6. Includes fixes for CVE 2022-3328 Tenable has extracted the preceding description block directly from the Fedora...
Ubuntu Server snap-confine must_mkdir_and_open_with_perms() Race Condition Vulnerability
Qualys discovered a race condition CVE-2022-3328 in snap-confine, a SUID-root program installed by default on Ubuntu. In this advisory,they tell the story of this vulnerability which was introduced in February 2022 by the patch for CVE-2021-44731 and detail how they exploited it in Ubuntu Server ...
Debian dla-3215 : golang-github-snapcore-snapd-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3215 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-3215-1 [email protected] https://www.debian.org/lts/security/...
Debian DSA-5292-1 : snapd - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5292 advisory. The Qualys Research Team discovered a race condition in the snapd-confine binary which could result in local privilege escalation. For the stable distribution bullseye, th...
[SECURITY] [DSA 5292-1] snapd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5292-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 01, 2022 https://www.debian.org/security/faq -...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : snapd vulnerability (USN-5753-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5753-1 advisory. The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing the private...
Snapd Race Condition Vulnerability in snap-confine’s must_mkdir_and_open_with_perms() (CVE-2022-3328)
The Qualys Threat Research Unit TRU has discovered a new vulnerability in snap-confine function on Linux operating systems, a SUID-root program installed by default on Ubuntu. Qualys recommends that security teams apply the patch for this vulnerability as soon as possible. In February 2022, Qualy...
CVE-2022-3328
Race condition in snap-confine's mustmkdirandopenwithperms...