Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1xeG01LXZ4NWotcHA2d84AAmxD
snapcraft Access Restriction Bypass
In some conditions, a snap package built by snapcraft includes the current directory in LD_LIBRARY_PATH, allowing a malicious snap to gain code execution within the context of another snap if both plug the home interface or similar. This issue affects snapcraft versions prior to 4.4.4, prior to 2.43.1+16.04.1, and prior to 2.43.1+18.04.1.
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1xeG01LXZ4NWotcHA2d84AAmxD
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: almost 2 years ago
Updated: 24 days ago
CVSS Score: 6.8
CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
Identifiers: GHSA-qxm5-vx5j-pp6w, CVE-2020-27348
References:
- https://nvd.nist.gov/vuln/detail/CVE-2020-27348
- https://github.com/snapcore/snapcraft/pull/3345
- https://bugs.launchpad.net/bugs/1901572
- https://usn.ubuntu.com/usn/usn-4661-1
- https://github.com/snapcore/snapcraft/commit/a0ceca9d531a34c979251030ed67b5fa2abfdd9a
- https://github.com/advisories/GHSA-qxm5-vx5j-pp6w
Blast Radius: 5.7
Affected Packages
pypi:snapcraft
Dependent packages: 0
Dependent repositories: 7
Downloads: 316 last month
Affected Version Ranges: < 4.4.4
Fixed in: 4.4.4
All affected versions: 2.40.1, 2.43.1, 3.0.1
All unaffected versions: 4.8.1