EUVD-2024-2275

Malicious code in bioql PyPI...

EUVD-2024-2278

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-1523

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary...

USN-6940-2: snapd vulnerabilities

USN-6940-1 fixed vulnerabilities in snapd. This update provides the corresponding updates for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Original advisory details: Neil McPhail discovered that snapd did not properly restrict writes to the /home/jslarraz/bin path in the AppArmor profile for snaps usin...

Incorrect Permission Assignment For Critical Resource

github.com/snapcore/snapd is vulnerable to Incorrect Permission Assignment for Critical Resource. The vulnerability is due to the improper restriction of writes to the $HOME/bin path. An attacker can execute arbitrary scripts outside of the expected snap sandbox, potentially allowing them to esca...

snapd failed to properly check the destination of symbolic links when extracting a snap

In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format is a squashfs file-system image and so can contain symbolic links and other file types. Various file entries within the snap squashfs image such as icons and...

DEBIAN-CVE-2024-29068

In snapd versions prior to 2.62, snapd failed to properly check the file type when extracting a snap. The snap format is a squashfs file-system image and so can contain files that are non-regular files such as pipes or sockets etc. Various file entries within the snap squashfs image such as icons...

CVE-2024-29069

In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format is a squashfs file-system image and so can contain symbolic links and other file types. Various file entries within the snap squashfs image such as icons and...

CVE-2024-1724

CVE-2024-1724 affects snapd prior to 2.62, where AppArmor sandbox enforcement failed to restrict writes to $HOME/bin. In Ubuntu, this path is added to the user PATH when present, enabling a user-wurnished malicious snap using the home plug to drop scripts into PATH and potentially execute them ou...

CVE-2024-29068

In snapd versions prior to 2.62, snapd failed to properly check the file type when extracting a snap. The snap format is a squashfs file-system image and so can contain files that are non-regular files such as pipes or sockets etc. Various file entries within the snap squashfs image such as icons...

Design/Logic Flaw

Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-terminal and others...

CVE-2023-1523

Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-terminal and others...

USN-4661-1: Snapcraft vulnerability

It was discovered that Snapcraft includes the current directory when configuring LDLIBRARYPATH for application commands. If a user were tricked into installing a malicious snap or downloading a malicious library, under certain circumstances an attacker could exploit this to affect strict mode sna...

UBUNTU-CVE-2020-27348

In some conditions, a snap package built by snapcraft includes the current directory in LDLIBRARYPATH, allowing a malicious snap to gain code execution within the context of another snap if both plug the home interface or similar. This issue affects snapcraft versions prior to 4.4.4, prior to...

Authentication Bypass

github.com/snapcore/snapweb is vulnerable to authentication bypass. The identity of the user and the origin of a connection is not verified before allowing controls to install or remove snap packages. An unauthenticated remote attacker is able to add a malicious snap package from the store and us...

USN-2956-1: ubuntu-core-launcher vulnerability

Zygmunt Krynicki discovered that ubuntu-core-launcher did not properly sanitize its input and contained a logic error when determining the mountpoint of bind mounts when using snaps on Ubuntu classic systems eg, traditional desktop and server. If a user were tricked into installing a malicious sn...