8.2

CVE-2024-1724

Exploit

EPSS 0.02%
Published 25.07.2024 19:15:09
Last modified 21.11.2024 08:51:10
Source security@ubuntu.com
Teams watchlist Login
Open Login

In snapd versions prior to 2.62, when using AppArmor for enforcement of 
sandbox permissions, snapd failed to restrict writes to the $HOME/bin
path. In Ubuntu, when this path exists, it is automatically added to
the users PATH. An attacker who could convince a user to install a
malicious snap which used the 'home' plug could use this vulnerability
to install arbitrary scripts into the users PATH which may then be run
by the user outside of the expected snap sandbox and hence allow them
to escape confinement.

Affected products Warnungen 0 Metrics 3 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Canonical ≫ Snapd Version < 2.62

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.031

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.2	1.5	6	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
security@ubuntu.com	6.3	2	3.7	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

CWE-732 Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

https://github.com/snapcore/snapd/commit/aa191f97713de8dc3ce3ac818539f0b976eb8ef6

Patch

https://github.com/snapcore/snapd/pull/13689

Patch

Issue Tracking

https://gld.mcphail.uk/posts/explaining-cve-2024-1724/

Third Party Advisory

Exploit

Technical Description

https://nvd.nist.gov/vuln/detail/CVE-2024-1724

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-1724

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-1724

EUVD