UBUNTU-CVE-2021-44730

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2021-44730

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-44730.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2021-44730

Related

Published

2022-02-17T17:00:00Z

Modified

2025-05-26T16:39:57Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
8.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1

References

Affected packages

Ubuntu:Pro:14.04:LTS / snapd

Package

Name: snapd
Purl: pkg:deb/ubuntu/snapd@2.54.3+14.04~esm1?arch=source&distro=trusty/esm

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.54.3+14.04~esm1

Affected versions

2.*

2.21~14.04.2

2.22.2~14.04

2.22.3~14.04

2.22.6~14.04

2.23.1~14.04

2.24.1~14.04

2.25~14.04

2.26.10~14.04

2.27.5~14.04

2.28.5~14.04

2.29.4.2~14.04

2.32.3.2~14.04

2.32.9~14.04

2.33.1~14.04

2.34.2~14.04

2.34.2~14.04.1

2.37.4~14.04.1

2.38~14.04

Ecosystem specific

{
    "ubuntu_priority": "high",
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_name": "golang-github-snapcore-snapd-dev",
            "binary_version": "2.54.3+14.04~esm1"
        },
        {
            "binary_name": "golang-github-ubuntu-core-snappy-dev",
            "binary_version": "2.54.3+14.04~esm1"
        },
        {
            "binary_name": "snap-confine",
            "binary_version": "2.54.3+14.04~esm1"
        },
        {
            "binary_name": "snapd",
            "binary_version": "2.54.3+14.04~esm1"
        },
        {
            "binary_name": "snapd-dbgsym",
            "binary_version": "2.54.3+14.04~esm1"
        },
        {
            "binary_name": "snapd-xdg-open",
            "binary_version": "2.54.3+14.04~esm1"
        },
        {
            "binary_name": "ubuntu-core-launcher",
            "binary_version": "2.54.3+14.04~esm1"
        },
        {
            "binary_name": "ubuntu-core-snapd-units",
            "binary_version": "2.54.3+14.04~esm1"
        },
        {
            "binary_name": "ubuntu-snappy",
            "binary_version": "2.54.3+14.04~esm1"
        },
        {
            "binary_name": "ubuntu-snappy-cli",
            "binary_version": "2.54.3+14.04~esm1"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / snapd

Package

Name: snapd
Purl: pkg:deb/ubuntu/snapd@2.54.3+16.04~esm2?arch=source&distro=esm-infra/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.54.3+16.04~esm2

Affected versions

1.*

1.9

1.9.1.1

1.9.2

2.*

2.0

2.0.1

2.0.2

2.0.3

2.0.5

2.0.8

2.0.9

2.0.10

2.11+0.16.04

2.12+0.16.04

2.13

2.14.2~16.04

2.15.2ubuntu1

2.16ubuntu3

2.17.1ubuntu1

2.20.1ubuntu1

2.21

2.22.2

2.22.3

2.22.6

2.23.1

2.24.1

2.25

2.26.10

2.27.5

2.28.5

2.29.4.2

2.32.3.2

2.32.9

2.33.1ubuntu2

2.34.2

2.34.2ubuntu0.1

2.37.4

2.37.4ubuntu0.1

2.38

2.39.2

2.39.2ubuntu0.2

2.40

2.42.1

2.45.1

2.45.1ubuntu0.2

2.46.1

2.47.1

2.48

2.48.3

Ecosystem specific

{
    "ubuntu_priority": "high",
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_name": "golang-github-snapcore-snapd-dev",
            "binary_version": "2.54.3+16.04~esm2"
        },
        {
            "binary_name": "golang-github-ubuntu-core-snappy-dev",
            "binary_version": "2.54.3+16.04~esm2"
        },
        {
            "binary_name": "snap-confine",
            "binary_version": "2.54.3+16.04~esm2"
        },
        {
            "binary_name": "snapd",
            "binary_version": "2.54.3+16.04~esm2"
        },
        {
            "binary_name": "snapd-dbgsym",
            "binary_version": "2.54.3+16.04~esm2"
        },
        {
            "binary_name": "snapd-xdg-open",
            "binary_version": "2.54.3+16.04~esm2"
        },
        {
            "binary_name": "ubuntu-core-launcher",
            "binary_version": "2.54.3+16.04~esm2"
        },
        {
            "binary_name": "ubuntu-core-snapd-units",
            "binary_version": "2.54.3+16.04~esm2"
        },
        {
            "binary_name": "ubuntu-snappy",
            "binary_version": "2.54.3+16.04~esm2"
        },
        {
            "binary_name": "ubuntu-snappy-cli",
            "binary_version": "2.54.3+16.04~esm2"
        }
    ]
}

Ubuntu:18.04:LTS / snapd

Package

Name: snapd
Purl: pkg:deb/ubuntu/snapd@2.54.3+18.04?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.54.3+18.04

Affected versions

2.*

2.28.5+17.10

2.29.4.1+18.04

2.29.4.2+18.04

2.31.1+18.04

2.32+18.04~pre5

2.32+18.04~pre6

2.32+18.04

2.32.3.2+18.04

2.32.5+18.04

2.32.8+18.04

2.32.9+18.04

2.33.1+18.04ubuntu2

2.34.2+18.04

2.34.2+18.04.1

2.37.1+18.04

2.37.1.1+18.04

2.37.4+18.04

2.37.4+18.04.1

2.38+18.04

2.39.2+18.04

2.40+18.04

2.42.1+18.04

2.45.1+18.04

2.45.1+18.04.2

2.46.1+18.04

2.47.1+18.04

2.48+18.04

2.48.3+18.04

2.49.2+18.04

2.51.1+18.04

2.54.2+18.04ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "high",
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "golang-github-snapcore-snapd-dev",
            "binary_version": "2.54.3+18.04"
        },
        {
            "binary_name": "golang-github-ubuntu-core-snappy-dev",
            "binary_version": "2.54.3+18.04"
        },
        {
            "binary_name": "snap-confine",
            "binary_version": "2.54.3+18.04"
        },
        {
            "binary_name": "snapd",
            "binary_version": "2.54.3+18.04"
        },
        {
            "binary_name": "snapd-dbgsym",
            "binary_version": "2.54.3+18.04"
        },
        {
            "binary_name": "snapd-xdg-open",
            "binary_version": "2.54.3+18.04"
        },
        {
            "binary_name": "ubuntu-core-launcher",
            "binary_version": "2.54.3+18.04"
        },
        {
            "binary_name": "ubuntu-core-snapd-units",
            "binary_version": "2.54.3+18.04"
        },
        {
            "binary_name": "ubuntu-snappy",
            "binary_version": "2.54.3+18.04"
        },
        {
            "binary_name": "ubuntu-snappy-cli",
            "binary_version": "2.54.3+18.04"
        }
    ]
}

Ubuntu:20.04:LTS / snapd

Package

Name: snapd
Purl: pkg:deb/ubuntu/snapd@2.54.3+20.04?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.54.3+20.04

Affected versions

2.*

2.41+19.10.1

2.42.1+20.04

2.43.3+git1.8109f8

2.44~pre1+20.04

2.44+20.04

2.44.2+20.04

2.44.3+20.04

2.45.1+20.04

2.45.1+20.04.2

2.46.1+20.04

2.47.1+20.04

2.48+20.04

2.48.3+20.04

2.49.2+20.04

2.51.1+20.04ubuntu2

2.54.2+20.04ubuntu2

Ecosystem specific

{
    "ubuntu_priority": "high",
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "golang-github-snapcore-snapd-dev",
            "binary_version": "2.54.3+20.04"
        },
        {
            "binary_name": "golang-github-ubuntu-core-snappy-dev",
            "binary_version": "2.54.3+20.04"
        },
        {
            "binary_name": "snap-confine",
            "binary_version": "2.54.3+20.04"
        },
        {
            "binary_name": "snapd",
            "binary_version": "2.54.3+20.04"
        },
        {
            "binary_name": "snapd-dbgsym",
            "binary_version": "2.54.3+20.04"
        },
        {
            "binary_name": "snapd-xdg-open",
            "binary_version": "2.54.3+20.04"
        },
        {
            "binary_name": "ubuntu-core-launcher",
            "binary_version": "2.54.3+20.04"
        },
        {
            "binary_name": "ubuntu-core-snapd-units",
            "binary_version": "2.54.3+20.04"
        },
        {
            "binary_name": "ubuntu-snappy",
            "binary_version": "2.54.3+20.04"
        },
        {
            "binary_name": "ubuntu-snappy-cli",
            "binary_version": "2.54.3+20.04"
        }
    ]
}