Vulnerabilities > Canonical > Snapd > 1.9.3

DATE CVE VULNERABILITY TITLE RISK
2024-01-08 CVE-2022-3328 Race Condition vulnerability in Canonical Snapd and Ubuntu Linux
Race condition in snap-confine's must_mkdir_and_open_with_perms()
local
high complexity
canonical CWE-362
7.0
2023-09-01 CVE-2023-1523 Injection vulnerability in Canonical Snapd
Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits.
network
low complexity
canonical CWE-74
critical
10.0
2022-02-17 CVE-2021-3155 Incorrect Default Permissions vulnerability in Canonical Snapd
snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions.
local
low complexity
canonical CWE-276
2.1
2022-02-17 CVE-2021-44730 Link Following vulnerability in multiple products
snapd 2.54.2 did not properly validate the location of the snap-confine binary.
local
low complexity
canonical fedoraproject debian CWE-59
8.8
2022-02-17 CVE-2021-44731 Race Condition vulnerability in multiple products
A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap.
local
high complexity
canonical fedoraproject debian CWE-362
7.8
2022-02-17 CVE-2021-4120 Improper Input Validation vulnerability in multiple products
snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement.
local
low complexity
canonical fedoraproject CWE-20
7.8
2020-07-29 CVE-2020-11933 Unspecified vulnerability in Canonical Snapd
cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption.
local
low complexity
canonical
4.6
2019-04-24 CVE-2019-11503 Link Following vulnerability in Canonical Snapd
snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir() to the current working directory of the calling user, aka a "cwd restore permission bypass."
network
low complexity
canonical CWE-59
7.5
2019-04-24 CVE-2019-11502 Link Following vulnerability in Canonical Snapd
snap-confine in snapd before 2.38 incorrectly set the ownership of a snap application to the uid and gid of the first calling user.
network
low complexity
canonical CWE-59
5.0
2019-04-23 CVE-2019-7304 Incorrect Authorization vulnerability in Canonical Snapd
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root.
network
low complexity
canonical CWE-863
critical
9.8