CVE-2021-44730

Published: Feb 17, 2022Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Exploitability: 2.0 / Impact: 6.0

Source: NVD

Description

snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1

Affected (8)

Products: Canonical: Snapd, Ubuntu Linux · Fedoraproject: Fedora · Debian: Debian Linux

2 products

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Canonical Snapd	Up to 2.54.2

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 18.04
Canonical Ubuntu Linux	Version 20.04
Canonical Ubuntu Linux	Version 21.10

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 34
Fedoraproject Fedora	Version 35

Configuration D

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0
Debian Debian Linux	Version 11.0

Related CWEs

Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References (12)

http://www.openwall.com/lists/oss-security/2022/02/18/2

Source: security@ubuntu.com

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2022/02/23/1

Source: security@ubuntu.com

Mailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QTBN7LLZISXIA4KU4UKDR27Q5PXDS2U/

Source: security@ubuntu.com

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCGHG6LJAVJJ72TMART6A7N4Z6MSTGI7/

Source: security@ubuntu.com

https://ubuntu.com/security/notices/USN-5292-1

Source: security@ubuntu.com

PatchVendor Advisory

https://www.debian.org/security/2022/dsa-5080

Source: security@ubuntu.com

Issue TrackingThird Party Advisory

http://www.openwall.com/lists/oss-security/2022/02/18/2

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2022/02/23/1

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QTBN7LLZISXIA4KU4UKDR27Q5PXDS2U/

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCGHG6LJAVJJ72TMART6A7N4Z6MSTGI7/

Source: af854a3a-2127-422b-91ae-364da2661108

https://ubuntu.com/security/notices/USN-5292-1

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://www.debian.org/security/2022/dsa-5080

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

Timeline

No history available yet.