Lucene search
K

12 matches found

ALT Linux
ALT Linux
added 2022/04/26 12:0 a.m.71 views

Security fix for the ALT Linux 10 package snapd version 2.54.3-alt1

2.54.3-alt1 built April 26, 2022 Andrey Cherepanov in task 299035 --- Feb. 20, 2022 Alexey Shabalin - 2.54.3 Fixes: CVE-2021-44730, CVE-2021-44731, CVE-2021-4120...

6.9CVSS3AI score0.00952EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/02/24 1:23 p.m.137 views

USN-5292-4: snapd regression

USN-5292-1 fixed a vulnerability in snapd. Unfortunately that update introduced a regression that could break the fish shell. This update fixes the problem. We apologize for the inconvenience. Original advisory details: James Troup discovered that snap did not properly manage the permissions for...

7.5AI score
Exploits0References2
OSV
OSV
added 2022/02/24 1:23 p.m.13 views

USN-5292-4 snapd regression

USN-5292-1 fixed a vulnerability in snapd. Unfortunately that update introduced a regression that could break the fish shell. This update fixes the problem. We apologize for the inconvenience. Original advisory details: James Troup discovered that snap did not properly manage the permissions for...

6.1AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/02/21 12:0 a.m.38 views

Debian DSA-5080-1 : snapd - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5080 advisory. - snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause...

8.8CVSS8.7AI score0.00952EPSS
Exploits4References8
OpenVAS
OpenVAS
added 2022/02/19 12:0 a.m.22 views

Ubuntu: Security Advisory (USN-5292-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.3AI score0.00952EPSS
Exploits5References2
Debian
Debian
added 2022/02/18 7:3 p.m.102 views

[SECURITY] [DSA 5080-1] snapd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5080-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 18, 2022 https://www.debian.org/security/faq -...

8.8CVSS9AI score0.00952EPSS
Exploits4
OpenVAS
OpenVAS
added 2022/02/18 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-5292-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.3AI score0.00952EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2022/02/18 12:0 a.m.39 views

Ubuntu 16.04 ESM : snapd vulnerabilities (USN-5292-3)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5292-3 advisory. USN-5292-1 fixed several vulnerabilities in snapd. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...

8.8CVSS7.2AI score0.00952EPSS
Exploits5References5
NVD
NVD
added 2022/02/17 11:15 p.m.23 views

CVE-2021-44730

snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and...

8.8CVSS0.00351EPSS
Exploits0References6
CVE
CVE
added 2022/02/17 10:15 p.m.170 views

CVE-2021-44730

CVE-2021-44730 affects snapd: 2.54.2 did not validate the location of the snap-confine binary, enabling a local attacker to hardlink it elsewhere and cause snap-confine to execute arbitrary binaries, achieving privilege escalation. Affected systems may gain root/privilege escalation locally. Reme...

8.8CVSS8.3AI score0.00351EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2022/02/17 10:15 p.m.70 views

CVE-2021-44730

snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and...

8.8CVSS8.8AI score0.00351EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/02/17 5:24 p.m.124 views

USN-5292-1: snapd vulnerabilities

James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this issue to expose sensitive information. CVE-2021-3155 Ian Johnson discovered that snapd did not properly validate content interfaces and layout paths. A local...

8.8CVSS7.4AI score0.00952EPSS
Exploits5
Rows per page
Query Builder