373 matches found
snapd 安全漏洞
snapd is a cross-platform package management tool open-sourced by snapcore. Enables systems to use .snap files. A security vulnerability exists in snapd versions prior to 2.62 that stems from a failure to properly check the target of a symbolic link and could allow unprivileged users to access...
snapd 安全漏洞
snapd is a cross-platform package management tool open-sourced by snapcore. Enables systems to use .snap files. A security vulnerability exists in snapd versions prior to 2.62 that stems from a failure to properly check file types. An attacker exploiting this vulnerability could result in a denia...
CVE-2024-1724
In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatically added to the users PATH. An attacker who could convince a user to install a malicious snap whic...
UBUNTU-CVE-2024-1724
In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatically added to the users PATH. An attacker who could convince a user to install a malicious snap whic...
PT-2024-18253 · Canonical +2 · Snapd +3
Name of the Vulnerable Software and Affected Versions: snapd versions prior to 2.62 Description: The issue arises when using AppArmor for enforcement of sandbox permissions in snapd. It failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatically added to...
CVE-2020-27352
When generating the systemd service units for the docker snap and other similar snaps, snapd does not specify Delegate=yes - as a result systemd will move processes from the containers created and managed by these snaps into the cgroup of the main daemon within the snap itself when reloading syst...
CVE-2020-27352
When generating the systemd service units for the docker snap and other similar snaps, snapd does not specify Delegate=yes - as a result systemd will move processes from the containers created and managed by these snaps into the cgroup of the main daemon within the snap itself when reloading syst...
DEBIAN-CVE-2020-27352
When generating the systemd service units for the docker snap and other similar snaps, snapd does not specify Delegate=yes - as a result systemd will move processes from the containers created and managed by these snaps into the cgroup of the main daemon within the snap itself when reloading syst...
CVE-2020-27352
The CVE-2020-27352 issue affects snapd (e.g., the docker snap and similar snaps) where the systemd service units for these snaps are generated without setting Delegate=yes. This omission allows systemd to move processes from containers managed by the snap into the cgroup of the snap’s main daemon...
CVE-2020-27352
When generating the systemd service units for the docker snap and other similar snaps, snapd does not specify Delegate=yes - as a result systemd will move processes from the containers created and managed by these snaps into the cgroup of the main daemon within the snap itself when reloading syst...
GO-2024-2906 CVE-2024-5138 in github.com/snapcore/snapd
CVE-2024-5138 in github.com/snapcore/snapd...
Privilege Escalation
github.com/snapcore/snapd is vulnerable to Privilege Escalation. The vulnerability is due to improper command-line argument parsing, allowing an unprivileged user to trigger actions that require administrator privileges...
GO-2024-2468 snapd Race Condition vulnerability in github.com/snapcore/snapd
snapd Race Condition vulnerability in github.com/snapcore/snapd. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please suggest an...
GHSA-JRR7-64M9-X984 Duplicate Advisory: CVE-2024-5138: snapd snapctl auth bypass
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-p9v8-q5m4-pf46. This link is maintained to preserve external references. Original Description The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privilege...
Duplicate Advisory: CVE-2024-5138: snapd snapctl auth bypass
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-p9v8-q5m4-pf46. This link is maintained to preserve external references. Original Description The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privilege...
DEBIAN-CVE-2024-5138
The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privileged actions on behalf of the snap. It was found that snapctl did not properly parse command-line arguments, allowing an unprivileged user to trigger an authorised action on behalf of...
CVE-2024-5138
The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privileged actions on behalf of the snap. It was found that snapctl did not properly parse command-line arguments, allowing an unprivileged user to trigger an authorised action on behalf of...
CVE-2024-5138
The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privileged actions on behalf of the snap. It was found that snapctl did not properly parse command-line arguments, allowing an unprivileged user to trigger an authorised action on behalf of...
CVE-2024-5138
The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privileged actions on behalf of the snap. It was found that snapctl did not properly parse command-line arguments, allowing an unprivileged user to trigger an authorised action on behalf of...
CVE-2024-5138
The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privileged actions on behalf of the snap. It was found that snapctl did not properly parse command-line arguments, allowing an unprivileged user to trigger an authorised action on behalf of...