2 matches found
snapd security bypass vulnerability
snapd is a tool used in Linux to create application snapshots. A security vulnerability exists in snapd versions 2.27 through 2.29.2, which stems from a program that creates the snap logs command to invoke journalctl without matching the parameters.An attacker could use this vulnerability to bypa...
UBUNTU-CVE-2017-14178
In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to call journalctl without match arguments and therefore allow unprivileged, unauthenticated users to bypass systemd-journald's access restrictions...