Access Restriction Bypass

Overview Affected versions of this package are vulnerable to Access Restriction Bypass due to failure to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layou...

Design/Logic Flaw

snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions...

CVE-2021-4120 snapd could be made to bypass intended access restrictions through snap content interfaces and layout paths

snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions...

CVE-2021-4120

CVE-2021-4120 affects snapd 2.54.2, where insufficient validation of snap content interface and layout paths allows a snap to inject arbitrary AppArmor policy rules and escape strict snap confinement. The underlying issue is in the content interface and layout declarations, enabling bypass of con...

CVE-2021-4120

snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions...