Lucene search
Veracode Vulnerability DatabaseVERACODE:28084HistoryDec 06, 2020 - 2:27 a.m.
Information Disclosure
2020-12-0602:27:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
pulseaudio
information disclosure
race condition
snap policy module
EPSS
0.001
Percentile
18.0%
PulseAudio is vulnerable to information disclosure. A race condition can occur if SCM_CREDENTIALS were missing casuing the snap policy module to fail to identify a client connection from a snap as coming from a snap , allowing the snap to connect to PulseAudio without proper confinement. This could be exploited by an attacker to expose sensitive information.
Related
cvelist
cvelist
CVE-2020-16123 Bypass of snapd pulseaudio restrictions
2020-11-23 00:00:00
prion
prion
Race condition
2020-12-04 00:15:00
nvd
nvd
CVE-2020-16123
2020-12-04 00:15:11
debiancve
debiancve
CVE-2020-16123
2020-12-04 00:15:11
redhatcve
redhatcve
CVE-2020-16123
2020-12-08 13:07:57
ubuntucve
ubuntucve
CVE-2020-16123
2020-11-23 00:00:00
nessus
nessus
osv
osv
pulseaudio vulnerability
2020-11-23 16:03:54
openvas
openvas
Ubuntu: Security Advisory (USN-4640-1)
2020-11-24 00:00:00
cve
cve
CVE-2020-16123
2020-12-04 00:15:11
ubuntu
ubuntu
PulseAudio vulnerability
2020-11-23 00:00:00