Lucene search
K

4 matches found

ALT Linux
ALT Linux
added 2022/04/26 12:0 a.m.69 views

Security fix for the ALT Linux 10 package snapd version 2.54.3-alt1

2.54.3-alt1 built April 26, 2022 Andrey Cherepanov in task 299035 --- Feb. 20, 2022 Alexey Shabalin - 2.54.3 Fixes: CVE-2021-44730, CVE-2021-44731, CVE-2021-4120...

6.9CVSS3AI score0.00952EPSS
Exploits5
Snyk
Snyk
added 2022/02/18 2:24 p.m.2 views

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution due to improper validation of the snap-confine binary location. A local attacker could possibly use this issue to execute other arbitrary binaries and escalate privileges. Remediation Upgrade...

8.8CVSS6AI score0.00351EPSS
Exploits0References2
CVE
CVE
added 2022/02/17 10:15 p.m.170 views

CVE-2021-44730

CVE-2021-44730 affects snapd: 2.54.2 did not validate the location of the snap-confine binary, enabling a local attacker to hardlink it elsewhere and cause snap-confine to execute arbitrary binaries, achieving privilege escalation. Affected systems may gain root/privilege escalation locally. Reme...

8.8CVSS8.3AI score0.00351EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2022/02/17 5:0 p.m.4 views

UBUNTU-CVE-2021-4120

snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions...

8.2CVSS5.9AI score0.00437EPSS
Exploits1References7
Rows per page
Query Builder