Veracode Vulnerability DatabaseVERACODE:48372Incorrect Permission Assignment For Critical Resource
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
20.8%
github.com/snapcore/snapd is vulnerable to Incorrect Permission Assignment for Critical Resource. The vulnerability is due to the improper restriction of writes to the $HOME/bin path. An attacker can execute arbitrary scripts outside of the expected snap sandbox, potentially allowing them to escape confinement by convincing a user to install a malicious snap that utilizes the ‘home’ plug.
References
github.com/advisories/GHSA-4mh8-9689-38vr
github.com/canonical/snapd/commit/aa191f97713de8dc3ce3ac818539f0b976eb8ef6
github.com/canonical/snapd/pull/13689
github.com/snapcore/snapd/commit/aa191f97713de8dc3ce3ac818539f0b976eb8ef6
github.com/snapcore/snapd/pull/13689
gld.mcphail.uk/posts/explaining-cve-2024-1724
gld.mcphail.uk/posts/explaining-cve-2024-1724/
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
20.8%