CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
20.8%
github.com/snapcore/snapd is vulnerable to Incorrect Permission Assignment for Critical Resource. The vulnerability is due to the improper restriction of writes to the $HOME/bin path. An attacker can execute arbitrary scripts outside of the expected snap sandbox, potentially allowing them to escape confinement by convincing a user to install a malicious snap that utilizes the ‘home’ plug.
github.com/advisories/GHSA-4mh8-9689-38vr
github.com/canonical/snapd/commit/aa191f97713de8dc3ce3ac818539f0b976eb8ef6
github.com/canonical/snapd/pull/13689
github.com/snapcore/snapd/commit/aa191f97713de8dc3ce3ac818539f0b976eb8ef6
github.com/snapcore/snapd/pull/13689
gld.mcphail.uk/posts/explaining-cve-2024-1724
gld.mcphail.uk/posts/explaining-cve-2024-1724/