James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this issue to expose sensitive information. (CVE-2021-3155)
Ian Johnson discovered that snapd did not properly validate content interfaces and layout paths. A local attacker could possibly use this issue to inject arbitrary AppArmor policy rules, resulting in a bypass of intended access restrictions. (CVE-2021-4120)
The Qualys Research Team discovered that snapd did not properly validate the location of the snap-confine binary. A local attacker could possibly use this issue to execute other arbitrary binaries and escalate privileges. (CVE-2021-44730)
The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing a private mount namespace for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code. (CVE-2021-44731)
{ "binaries": [ { "binary_name": "golang-github-snapcore-snapd-dev", "binary_version": "2.54.3+18.04" }, { "binary_name": "golang-github-ubuntu-core-snappy-dev", "binary_version": "2.54.3+18.04" }, { "binary_name": "snap-confine", "binary_version": "2.54.3+18.04" }, { "binary_name": "snapd", "binary_version": "2.54.3+18.04" }, { "binary_name": "snapd-dbgsym", "binary_version": "2.54.3+18.04" }, { "binary_name": "snapd-xdg-open", "binary_version": "2.54.3+18.04" }, { "binary_name": "ubuntu-core-launcher", "binary_version": "2.54.3+18.04" }, { "binary_name": "ubuntu-core-snapd-units", "binary_version": "2.54.3+18.04" }, { "binary_name": "ubuntu-snappy", "binary_version": "2.54.3+18.04" }, { "binary_name": "ubuntu-snappy-cli", "binary_version": "2.54.3+18.04" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "golang-github-snapcore-snapd-dev", "binary_version": "2.54.3+20.04" }, { "binary_name": "golang-github-ubuntu-core-snappy-dev", "binary_version": "2.54.3+20.04" }, { "binary_name": "snap-confine", "binary_version": "2.54.3+20.04" }, { "binary_name": "snapd", "binary_version": "2.54.3+20.04" }, { "binary_name": "snapd-dbgsym", "binary_version": "2.54.3+20.04" }, { "binary_name": "snapd-xdg-open", "binary_version": "2.54.3+20.04" }, { "binary_name": "ubuntu-core-launcher", "binary_version": "2.54.3+20.04" }, { "binary_name": "ubuntu-core-snapd-units", "binary_version": "2.54.3+20.04" }, { "binary_name": "ubuntu-snappy", "binary_version": "2.54.3+20.04" }, { "binary_name": "ubuntu-snappy-cli", "binary_version": "2.54.3+20.04" } ], "availability": "No subscription required" }