7.8

CVE-2021-44731

Exploit

snapd could be made to escalate privileges and run programs as administrator

A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitrary code and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CanonicalSnapd Version <= 2.54.2
CanonicalUbuntu Linux Version18.04 SwEditionlts
CanonicalUbuntu Linux Version20.04 SwEditionlts
CanonicalUbuntu Linux Version21.10
FedoraprojectFedora Version34
FedoraprojectFedora Version35
DebianDebian Linux Version10.0
DebianDebian Linux Version11.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.07% 0.778
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.1 6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
nvd@nist.gov 6.9 3.4 10
AV:L/AC:M/Au:N/C:C/I:C/A:C
security@ubuntu.com 7.8 1.1 6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

http://www.openwall.com/lists/oss-security/2022/02/23/1
Third Party Advisory
Exploit
Mailing List
https://www.debian.org/security/2022/dsa-5080
Third Party Advisory
Issue Tracking
http://seclists.org/fulldisclosure/2022/Dec/4
Third Party Advisory
Exploit
Mailing List
http://www.openwall.com/lists/oss-security/2022/11/30/2
Third Party Advisory
Exploit
Mailing List