USN-6940-2

Source
https://ubuntu.com/security/notices/USN-6940-2
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6940-2.json
JSON Data
https://api.test.osv.dev/v1/vulns/USN-6940-2
Published
2025-01-13T10:16:20.615420Z
Modified
2025-01-13T10:16:20.615420Z
Summary
snapd vulnerabilities
Details

USN-6940-1 fixed vulnerabilities in snapd. This update provides the corresponding updates for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS.

Original advisory details:

Neil McPhail discovered that snapd did not properly restrict writes to the /home/jslarraz/bin path in the AppArmor profile for snaps using the home plug. An attacker who could convince a user to install a malicious snap could use this vulnerability to escape the snap sandbox. (CVE-2024-1724)

Zeyad Gouda discovered that snapd failed to properly check the file type when extracting a snap. An attacker who could convince a user to install a malicious snap containing non-regular files could then cause snapd to block indefinitely while trying to read from such files and cause a denial of service. (CVE-2024-29068)

Zeyad Gouda discovered that snapd failed to properly check the destination of symbolic links when extracting a snap. An attacker who could convince a user to install a malicious snap containing crafted symbolic links could then cause snapd to write out the contents of the symbolic link destination into a world-readable directory. This in turn could allow a local unprivileged user to gain access to privileged information. (CVE-2024-29069)

Affected packages

Ubuntu:Pro:16.04:LTS / snapd

Package

Name
snapd
Purl
pkg:deb/ubuntu/snapd@2.61.4ubuntu0.16.04.1+esm1?arch=source&distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
2.61.4ubuntu0.16.04.1+esm1

Affected versions

1.*

1.9
1.9.1.1
1.9.2

2.*

2.0
2.0.1
2.0.2
2.0.3
2.0.5
2.0.8
2.0.9
2.0.10
2.11+0.16.04
2.12+0.16.04
2.13
2.14.2~16.04
2.15.2ubuntu1
2.16ubuntu3
2.17.1ubuntu1
2.20.1ubuntu1
2.21
2.22.2
2.22.3
2.22.6
2.23.1
2.24.1
2.25
2.26.10
2.27.5
2.28.5
2.29.4.2
2.32.3.2
2.32.9
2.33.1ubuntu2
2.34.2
2.34.2ubuntu0.1
2.37.4
2.37.4ubuntu0.1
2.38
2.39.2
2.39.2ubuntu0.2
2.40
2.42.1
2.45.1
2.45.1ubuntu0.2
2.46.1
2.47.1
2.48
2.48.3
2.54.3+16.04~esm2
2.54.3+16.04.0ubuntu0.1~esm3
2.54.3+16.04.0ubuntu0.1~esm4
2.54.3+16.04.0ubuntu0.1~esm5
2.54.3+16.04.0ubuntu0.1~esm6

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_version": "2.61.4ubuntu0.16.04.1+esm1",
            "binary_name": "golang-github-snapcore-snapd-dev"
        },
        {
            "binary_version": "2.61.4ubuntu0.16.04.1+esm1",
            "binary_name": "golang-github-ubuntu-core-snappy-dev"
        },
        {
            "binary_version": "2.61.4ubuntu0.16.04.1+esm1",
            "binary_name": "snap-confine"
        },
        {
            "binary_version": "2.61.4ubuntu0.16.04.1+esm1",
            "binary_name": "snapd"
        },
        {
            "binary_version": "2.61.4ubuntu0.16.04.1+esm1",
            "binary_name": "snapd-dbgsym"
        },
        {
            "binary_version": "2.61.4ubuntu0.16.04.1+esm1",
            "binary_name": "snapd-xdg-open"
        },
        {
            "binary_version": "2.61.4ubuntu0.16.04.1+esm1",
            "binary_name": "ubuntu-core-launcher"
        },
        {
            "binary_version": "2.61.4ubuntu0.16.04.1+esm1",
            "binary_name": "ubuntu-core-snapd-units"
        },
        {
            "binary_version": "2.61.4ubuntu0.16.04.1+esm1",
            "binary_name": "ubuntu-snappy"
        },
        {
            "binary_version": "2.61.4ubuntu0.16.04.1+esm1",
            "binary_name": "ubuntu-snappy-cli"
        }
    ]
}

Ubuntu:Pro:18.04:LTS / snapd

Package

Name
snapd
Purl
pkg:deb/ubuntu/snapd@2.61.4ubuntu0.18.04.1+esm1?arch=source&distro=esm-infra/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
2.61.4ubuntu0.18.04.1+esm1

Affected versions

2.*

2.28.5+17.10
2.29.4.1+18.04
2.29.4.2+18.04
2.31.1+18.04
2.32+18.04~pre5
2.32+18.04~pre6
2.32+18.04
2.32.3.2+18.04
2.32.5+18.04
2.32.8+18.04
2.32.9+18.04
2.33.1+18.04ubuntu2
2.34.2+18.04
2.34.2+18.04.1
2.37.1+18.04
2.37.1.1+18.04
2.37.4+18.04
2.37.4+18.04.1
2.38+18.04
2.39.2+18.04
2.40+18.04
2.42.1+18.04
2.45.1+18.04
2.45.1+18.04.2
2.46.1+18.04
2.47.1+18.04
2.48+18.04
2.48.3+18.04
2.49.2+18.04
2.51.1+18.04
2.54.2+18.04ubuntu1
2.54.3+18.04
2.54.3+18.04.2ubuntu0.1
2.54.3+18.04.2ubuntu0.2
2.55.5+18.04
2.57.5+18.04
2.57.5+18.04ubuntu0.1
2.58+18.04
2.58+18.04.1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_version": "2.61.4ubuntu0.18.04.1+esm1",
            "binary_name": "golang-github-snapcore-snapd-dev"
        },
        {
            "binary_version": "2.61.4ubuntu0.18.04.1+esm1",
            "binary_name": "golang-github-ubuntu-core-snappy-dev"
        },
        {
            "binary_version": "2.61.4ubuntu0.18.04.1+esm1",
            "binary_name": "snap-confine"
        },
        {
            "binary_version": "2.61.4ubuntu0.18.04.1+esm1",
            "binary_name": "snapd"
        },
        {
            "binary_version": "2.61.4ubuntu0.18.04.1+esm1",
            "binary_name": "snapd-dbgsym"
        },
        {
            "binary_version": "2.61.4ubuntu0.18.04.1+esm1",
            "binary_name": "snapd-xdg-open"
        },
        {
            "binary_version": "2.61.4ubuntu0.18.04.1+esm1",
            "binary_name": "ubuntu-core-launcher"
        },
        {
            "binary_version": "2.61.4ubuntu0.18.04.1+esm1",
            "binary_name": "ubuntu-core-snapd-units"
        },
        {
            "binary_version": "2.61.4ubuntu0.18.04.1+esm1",
            "binary_name": "ubuntu-snappy"
        },
        {
            "binary_version": "2.61.4ubuntu0.18.04.1+esm1",
            "binary_name": "ubuntu-snappy-cli"
        }
    ]
}