Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2019-7304

CWE-863 — Incorrect Authorization8 documents7 sources

Severity

9.8CRITICAL

EPSS

82.5%

top 0.77%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Canonical Snapd Canonical Ubuntu Linux

Timeline

PublishedApr 23

Latest updateMay 24

Description

Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

▶CVEListV5canonical/snapdunspecified — 2.37.1

▶NVDcanonical/snapd< 2.37.1

▶Debiansnapd< 2.37.1-1+3

Also affects: Ubuntu Linux 14.04, 16.04, 18.04, 18.10

🔴Vulnerability Details

GHSA

GHSA-jvm5-cj73-m9qg: Canonical snapd before version 2↗2022-05-24

▶

CVEList

Local privilege escalation via snapd socket↗2019-04-23

▶

OSV

CVE-2019-7304: Canonical snapd before version 2↗2019-04-23

▶

💥Exploits & PoCs

Exploit-DB

snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (1)↗2019-02-13

▶

Exploit-DB

snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (2)↗2019-02-13

▶

📋Vendor Advisories

Ubuntu

snapd vulnerability↗2019-02-12

▶

Debian

CVE-2019-7304: snapd - Canonical snapd before version 2.37.1 incorrectly performed socket owner validat...↗2019

▶