USN-6940-2
- Source
- https://ubuntu.com/security/notices/USN-6940-2
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6940-2.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/USN-6940-2
- Upstream
- Related
- Published
- 2025-01-13T10:16:20.615420Z
- Modified
- 2025-10-13T04:37:57Z
- Summary
- snapd vulnerabilities
- Details
-
USN-6940-1 fixed vulnerabilities in snapd. This update provides the corresponding updates for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS.
Original advisory details:
Neil McPhail discovered that snapd did not properly restrict writes to the /home/jslarraz/bin path in the AppArmor profile for snaps using the home plug. An attacker who could convince a user to install a malicious snap could use this vulnerability to escape the snap sandbox. (CVE-2024-1724)
Zeyad Gouda discovered that snapd failed to properly check the file type when extracting a snap. An attacker who could convince a user to install a malicious snap containing non-regular files could then cause snapd to block indefinitely while trying to read from such files and cause a denial of service. (CVE-2024-29068)
Zeyad Gouda discovered that snapd failed to properly check the destination of symbolic links when extracting a snap. An attacker who could convince a user to install a malicious snap containing crafted symbolic links could then cause snapd to write out the contents of the symbolic link destination into a world-readable directory. This in-turn could allow a local unprivileged user to gain access to privileged information. (CVE-2024-29069)
- References
Affected packages
Ubuntu:Pro:16.04:LTS / snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.61.4ubuntu0.16.04.1+esm1?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.61.4ubuntu0.16.04.1+esm1
Affected versions
1.*
1.9
1.9.1.1
1.9.2
2.*
2.0
2.0.1
2.0.2
2.0.3
2.0.5
2.0.8
2.0.9
2.0.10
2.11+0.16.04
2.12+0.16.04
2.13
2.14.2~16.04
2.15.2ubuntu1
2.16ubuntu3
2.17.1ubuntu1
2.20.1ubuntu1
2.21
2.22.2
2.22.3
2.22.6
2.23.1
2.24.1
2.25
2.26.10
2.27.5
2.28.5
2.29.4.2
2.32.3.2
2.32.9
2.33.1ubuntu2
2.34.2
2.34.2ubuntu0.1
2.37.4
2.37.4ubuntu0.1
2.38
2.39.2
2.39.2ubuntu0.2
2.40
2.42.1
2.45.1
2.45.1ubuntu0.2
2.46.1
2.47.1
2.48
2.48.3
2.54.3+16.04~esm2
2.54.3+16.04.0ubuntu0.1~esm3
2.54.3+16.04.0ubuntu0.1~esm4
2.54.3+16.04.0ubuntu0.1~esm5
2.54.3+16.04.0ubuntu0.1~esm6
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "2.61.4ubuntu0.16.04.1+esm1",
"binary_name": "golang-github-snapcore-snapd-dev"
},
{
"binary_version": "2.61.4ubuntu0.16.04.1+esm1",
"binary_name": "golang-github-ubuntu-core-snappy-dev"
},
{
"binary_version": "2.61.4ubuntu0.16.04.1+esm1",
"binary_name": "snap-confine"
},
{
"binary_version": "2.61.4ubuntu0.16.04.1+esm1",
"binary_name": "snapd"
},
{
"binary_version": "2.61.4ubuntu0.16.04.1+esm1",
"binary_name": "snapd-xdg-open"
},
{
"binary_version": "2.61.4ubuntu0.16.04.1+esm1",
"binary_name": "ubuntu-core-launcher"
},
{
"binary_version": "2.61.4ubuntu0.16.04.1+esm1",
"binary_name": "ubuntu-core-snapd-units"
},
{
"binary_version": "2.61.4ubuntu0.16.04.1+esm1",
"binary_name": "ubuntu-snappy"
},
{
"binary_version": "2.61.4ubuntu0.16.04.1+esm1",
"binary_name": "ubuntu-snappy-cli"
}
]
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"cves": [
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2024-1724"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2024-29068"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2024-29069"
}
]
}
Ubuntu:Pro:18.04:LTS / snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.61.4ubuntu0.18.04.1+esm1?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.61.4ubuntu0.18.04.1+esm1
Affected versions
2.*
2.28.5+17.10
2.29.4.1+18.04
2.29.4.2+18.04
2.31.1+18.04
2.32+18.04~pre5
2.32+18.04~pre6
2.32+18.04
2.32.3.2+18.04
2.32.5+18.04
2.32.8+18.04
2.32.9+18.04
2.33.1+18.04ubuntu2
2.34.2+18.04
2.34.2+18.04.1
2.37.1+18.04
2.37.1.1+18.04
2.37.4+18.04
2.37.4+18.04.1
2.38+18.04
2.39.2+18.04
2.40+18.04
2.42.1+18.04
2.45.1+18.04
2.45.1+18.04.2
2.46.1+18.04
2.47.1+18.04
2.48+18.04
2.48.3+18.04
2.49.2+18.04
2.51.1+18.04
2.54.2+18.04ubuntu1
2.54.3+18.04
2.54.3+18.04.2ubuntu0.1
2.54.3+18.04.2ubuntu0.2
2.55.5+18.04
2.57.5+18.04
2.57.5+18.04ubuntu0.1
2.58+18.04
2.58+18.04.1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "2.61.4ubuntu0.18.04.1+esm1",
"binary_name": "golang-github-snapcore-snapd-dev"
},
{
"binary_version": "2.61.4ubuntu0.18.04.1+esm1",
"binary_name": "golang-github-ubuntu-core-snappy-dev"
},
{
"binary_version": "2.61.4ubuntu0.18.04.1+esm1",
"binary_name": "snap-confine"
},
{
"binary_version": "2.61.4ubuntu0.18.04.1+esm1",
"binary_name": "snapd"
},
{
"binary_version": "2.61.4ubuntu0.18.04.1+esm1",
"binary_name": "snapd-xdg-open"
},
{
"binary_version": "2.61.4ubuntu0.18.04.1+esm1",
"binary_name": "ubuntu-core-launcher"
},
{
"binary_version": "2.61.4ubuntu0.18.04.1+esm1",
"binary_name": "ubuntu-core-snapd-units"
},
{
"binary_version": "2.61.4ubuntu0.18.04.1+esm1",
"binary_name": "ubuntu-snappy"
},
{
"binary_version": "2.61.4ubuntu0.18.04.1+esm1",
"binary_name": "ubuntu-snappy-cli"
}
]
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"cves": [
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2024-1724"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2024-29068"
},
{
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
],
"id": "CVE-2024-29069"
}
]
}