USN-5753-1
- Source
- https://ubuntu.com/security/notices/USN-5753-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5753-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/USN-5753-1
- Upstream
- Related
- Published
- 2022-12-01T01:08:10.331102Z
- Modified
- 2025-10-13T04:36:09Z
- Summary
- snapd vulnerability
- Details
-
The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing the private /tmp mount for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code.
- References
Affected packages
Ubuntu:Pro:16.04:LTS / snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.54.3+16.04.0ubuntu0.1~esm5?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.54.3+16.04.0ubuntu0.1~esm5
Affected versions
1.*
1.9
1.9.1.1
1.9.2
2.*
2.0
2.0.1
2.0.2
2.0.3
2.0.5
2.0.8
2.0.9
2.0.10
2.11+0.16.04
2.12+0.16.04
2.13
2.14.2~16.04
2.15.2ubuntu1
2.16ubuntu3
2.17.1ubuntu1
2.20.1ubuntu1
2.21
2.22.2
2.22.3
2.22.6
2.23.1
2.24.1
2.25
2.26.10
2.27.5
2.28.5
2.29.4.2
2.32.3.2
2.32.9
2.33.1ubuntu2
2.34.2
2.34.2ubuntu0.1
2.37.4
2.37.4ubuntu0.1
2.38
2.39.2
2.39.2ubuntu0.2
2.40
2.42.1
2.45.1
2.45.1ubuntu0.2
2.46.1
2.47.1
2.48
2.48.3
2.54.3+16.04~esm2
2.54.3+16.04.0ubuntu0.1~esm3
2.54.3+16.04.0ubuntu0.1~esm4
Ecosystem specific
{
"binaries": [
{
"binary_name": "golang-github-snapcore-snapd-dev",
"binary_version": "2.54.3+16.04.0ubuntu0.1~esm5"
},
{
"binary_name": "golang-github-ubuntu-core-snappy-dev",
"binary_version": "2.54.3+16.04.0ubuntu0.1~esm5"
},
{
"binary_name": "snap-confine",
"binary_version": "2.54.3+16.04.0ubuntu0.1~esm5"
},
{
"binary_name": "snapd",
"binary_version": "2.54.3+16.04.0ubuntu0.1~esm5"
},
{
"binary_name": "snapd-xdg-open",
"binary_version": "2.54.3+16.04.0ubuntu0.1~esm5"
},
{
"binary_name": "ubuntu-core-launcher",
"binary_version": "2.54.3+16.04.0ubuntu0.1~esm5"
},
{
"binary_name": "ubuntu-core-snapd-units",
"binary_version": "2.54.3+16.04.0ubuntu0.1~esm5"
},
{
"binary_name": "ubuntu-snappy",
"binary_version": "2.54.3+16.04.0ubuntu0.1~esm5"
},
{
"binary_name": "ubuntu-snappy-cli",
"binary_version": "2.54.3+16.04.0ubuntu0.1~esm5"
}
],
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"cves": [
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
],
"id": "CVE-2022-3328"
}
]
}
Ubuntu:18.04:LTS / snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.57.5+18.04ubuntu0.1?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.57.5+18.04ubuntu0.1
Affected versions
2.*
2.28.5+17.10
2.29.4.1+18.04
2.29.4.2+18.04
2.31.1+18.04
2.32+18.04~pre5
2.32+18.04~pre6
2.32+18.04
2.32.3.2+18.04
2.32.5+18.04
2.32.8+18.04
2.32.9+18.04
2.33.1+18.04ubuntu2
2.34.2+18.04
2.34.2+18.04.1
2.37.1+18.04
2.37.1.1+18.04
2.37.4+18.04
2.37.4+18.04.1
2.38+18.04
2.39.2+18.04
2.40+18.04
2.42.1+18.04
2.45.1+18.04
2.45.1+18.04.2
2.46.1+18.04
2.47.1+18.04
2.48+18.04
2.48.3+18.04
2.49.2+18.04
2.51.1+18.04
2.54.2+18.04ubuntu1
2.54.3+18.04
2.54.3+18.04.2ubuntu0.1
2.54.3+18.04.2ubuntu0.2
2.55.5+18.04
2.57.5+18.04
Ecosystem specific
{
"binaries": [
{
"binary_name": "golang-github-snapcore-snapd-dev",
"binary_version": "2.57.5+18.04ubuntu0.1"
},
{
"binary_name": "golang-github-ubuntu-core-snappy-dev",
"binary_version": "2.57.5+18.04ubuntu0.1"
},
{
"binary_name": "snap-confine",
"binary_version": "2.57.5+18.04ubuntu0.1"
},
{
"binary_name": "snapd",
"binary_version": "2.57.5+18.04ubuntu0.1"
},
{
"binary_name": "snapd-xdg-open",
"binary_version": "2.57.5+18.04ubuntu0.1"
},
{
"binary_name": "ubuntu-core-launcher",
"binary_version": "2.57.5+18.04ubuntu0.1"
},
{
"binary_name": "ubuntu-core-snapd-units",
"binary_version": "2.57.5+18.04ubuntu0.1"
},
{
"binary_name": "ubuntu-snappy",
"binary_version": "2.57.5+18.04ubuntu0.1"
},
{
"binary_name": "ubuntu-snappy-cli",
"binary_version": "2.57.5+18.04ubuntu0.1"
}
],
"availability": "No subscription required"
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:18.04:LTS",
"cves": [
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
],
"id": "CVE-2022-3328"
}
]
}
Ubuntu:20.04:LTS / snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.57.5+20.04ubuntu0.1?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.57.5+20.04ubuntu0.1
Affected versions
2.*
2.41+19.10.1
2.42.1+20.04
2.43.3+git1.8109f8
2.44~pre1+20.04
2.44+20.04
2.44.2+20.04
2.44.3+20.04
2.45.1+20.04
2.45.1+20.04.2
2.46.1+20.04
2.47.1+20.04
2.48+20.04
2.48.3+20.04
2.49.2+20.04
2.51.1+20.04ubuntu2
2.54.2+20.04ubuntu2
2.54.3+20.04
2.54.3+20.04.1
2.54.3+20.04.1ubuntu0.1
2.54.3+20.04.1ubuntu0.2
2.54.3+20.04.1ubuntu0.3
2.55.5+20.04
2.57.5+20.04
Ecosystem specific
{
"binaries": [
{
"binary_name": "golang-github-snapcore-snapd-dev",
"binary_version": "2.57.5+20.04ubuntu0.1"
},
{
"binary_name": "golang-github-ubuntu-core-snappy-dev",
"binary_version": "2.57.5+20.04ubuntu0.1"
},
{
"binary_name": "snap-confine",
"binary_version": "2.57.5+20.04ubuntu0.1"
},
{
"binary_name": "snapd",
"binary_version": "2.57.5+20.04ubuntu0.1"
},
{
"binary_name": "snapd-xdg-open",
"binary_version": "2.57.5+20.04ubuntu0.1"
},
{
"binary_name": "ubuntu-core-launcher",
"binary_version": "2.57.5+20.04ubuntu0.1"
},
{
"binary_name": "ubuntu-core-snapd-units",
"binary_version": "2.57.5+20.04ubuntu0.1"
},
{
"binary_name": "ubuntu-snappy",
"binary_version": "2.57.5+20.04ubuntu0.1"
},
{
"binary_name": "ubuntu-snappy-cli",
"binary_version": "2.57.5+20.04ubuntu0.1"
}
],
"availability": "No subscription required"
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:20.04:LTS",
"cves": [
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
],
"id": "CVE-2022-3328"
}
]
}
Ubuntu:22.04:LTS / snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.57.5+22.04ubuntu0.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.57.5+22.04ubuntu0.1
Affected versions
2.*
2.53+21.10ubuntu1
2.54.2+22.04ubuntu1
2.54.2+22.04ubuntu2
2.54.2+22.04ubuntu3
2.54.3+git19.g868fc21+22.04
2.54.3+git26.g360067e+22.04
2.55.2+22.04
2.55.2+22.04.1
2.55.3+22.04
2.55.3+22.04ubuntu1
2.55.5+22.04
2.56.2+22.04ubuntu1
2.57.4+22.04
2.57.5+22.04
Ecosystem specific
{
"binaries": [
{
"binary_name": "golang-github-snapcore-snapd-dev",
"binary_version": "2.57.5+22.04ubuntu0.1"
},
{
"binary_name": "golang-github-ubuntu-core-snappy-dev",
"binary_version": "2.57.5+22.04ubuntu0.1"
},
{
"binary_name": "snap-confine",
"binary_version": "2.57.5+22.04ubuntu0.1"
},
{
"binary_name": "snapd",
"binary_version": "2.57.5+22.04ubuntu0.1"
},
{
"binary_name": "snapd-xdg-open",
"binary_version": "2.57.5+22.04ubuntu0.1"
},
{
"binary_name": "ubuntu-core-launcher",
"binary_version": "2.57.5+22.04ubuntu0.1"
},
{
"binary_name": "ubuntu-core-snapd-units",
"binary_version": "2.57.5+22.04ubuntu0.1"
},
{
"binary_name": "ubuntu-snappy",
"binary_version": "2.57.5+22.04ubuntu0.1"
},
{
"binary_name": "ubuntu-snappy-cli",
"binary_version": "2.57.5+22.04ubuntu0.1"
}
],
"availability": "No subscription required"
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:22.04:LTS",
"cves": [
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
],
"id": "CVE-2022-3328"
}
]
}