4 matches found
CVE-2019-7303
CVE-2019-7303 affects Canonical snapd before 2.37.4, where the seccomp filter for strict mode snaps could bypass input restrictions by allowing a 64-bit ioctl path (TIOCSTI) to insert characters into a terminal on a 64-bit host. The root cause is a mismatch: seccomp rules target 64-bit ioctl(2) c...
CVE-2019-7303
creationtimestamp| type| source ---|---|--- 2019-03-22 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46594...
snap seccomp TIOCSTI Blacklist Circumvention
snap: seccomp blacklist for TIOCSTI can be circumvented Related CVE Numbers: CVE-2019-7303. snap uses a seccomp filter to prevent the use of the TIOCSTI ioctl; in the source code, this filter is expressed as follows: TIOCSTI allows for faking input man ttyioctl TODO: this should be scaled back ev...
UBUNTU-CVE-2019-7303
A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl2 commands on a 64-bit platform; however, the Linux kernel only uses the lower 32...