CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-11503
https://notcve.org/view.php?id=CVE-2019-11503
24 Apr 2019 — snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir() to the current working directory of the calling user, aka a "cwd restore permission bypass." snap-confine, como se incluía en snap antes de la versión 2.39, no protegía contra condiciones de carrera en enlaces simbólicos al realizar el chdir() al directorio de trabajo actual del usuario que realiza la llamada, también conocido como "cwd restore permission bypass". • http://www.openwall.com/lists/oss-security/2019/04/25/7 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-11502
https://notcve.org/view.php?id=CVE-2019-11502
24 Apr 2019 — snap-confine in snapd before 2.38 incorrectly set the ownership of a snap application to the uid and gid of the first calling user. Consequently, that user had unintended access to a private /tmp directory. snap-confine, en snap antes de la versión 2.38, establece incorrectamente la propiedad de una aplicación snap al uid y gid del usuario que realiza la primera llamada. Consecuentemente, ese usuario tiene un acceso no intencionado a un directorio /tmp privado. • http://www.openwall.com/lists/oss-security/2019/04/25/7 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 2CVE-2019-7303 – Snapd seccomp filter TIOCSTI ioctl bypass
https://notcve.org/view.php?id=CVE-2019-7303
22 Mar 2019 — A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl(2) commands on a 64-bit platform; however, the Linux kernel only uses the lower 32 bits to determine which ioctl(2) commands to run. This issue affects: Canonical snapd versions prior to 2.37.4. Una vulnerabilidad en los filtros seccomp de Canonical snapd anterior a la versión 2.37.4 permite un ... • https://packetstorm.news/files/id/152190 • CWE-628: Function Call with Incorrectly Specified Arguments •
CVSS: 10.0EPSS: 84%CPEs: 5EXPL: 8CVE-2019-7304 – Local privilege escalation via snapd socket
https://notcve.org/view.php?id=CVE-2019-7304
12 Feb 2019 — Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1. El Canonical snapd hasta la versión 2.37.1 realizó incorrectamente la validación del propietario del socket, permitiendo a un atacante ejecutar comandos arbitrarios como root. Este problema afecta a: Canonical snapd versiones anteriores a 2.37.1. Chris Moberly discovered that snapd versions 2.28 through 2.37... • https://packetstorm.news/files/id/151639 • CWE-863: Incorrect Authorization •