4 matches found
SUSE CVE-2020-11931
An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module. This issue...
Information Disclosure
PulseAudio is vulnerable to information disclosure. A race condition can occur if SCMCREDENTIALS were missing casuing the snap policy module to fail to identify a client connection from a snap as coming from a snap , allowing the snap to connect to PulseAudio without proper confinement. This coul...
CVE-2020-16123 Bypass of snapd pulseaudio restrictions
An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCMCREDENTIALS were missing, allowing the snap to connect to PulseAudio without proper confinement. This could be exploited ...
CVE-2020-16123
An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCMCREDENTIALS were missing, allowing the snap to connect to PulseAudio without proper confinement. This could be exploited ...