CVE-2020-16123

CWE-362 — Race Condition7 documents7 sources

Severity

4.7MEDIUM

EPSS

0.1%

top 75.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Canonical Pulseaudio Canonical Ubuntu Linux

Timeline

PublishedDec 4

Latest updateMay 24

Description

An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCM_CREDENTIALS were missing, allowing the snap to connect to PulseAudio without proper confinement. This could be exploited by an attacker to expose sensitive information. Fixed in 1:13.99.3-1ubuntu2, 1:13.99.2-1ubuntu2.1, 1:13.99.1-1ubuntu3.8, 1:11.1-1ubuntu7.11, and 1:8.0-0ubuntu3.15.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5canonical/pulseaudio1:13.99.3-1 — 1:13.99.3-1ubuntu2+4

▶Ubuntupulseaudio< 1:8.0-0ubuntu3.15+2

Also affects: Ubuntu Linux 16.04, 18.04, 20.04, 20.10

Patches

Patch: ubuntu.com ↗Patch: ubuntu.com ↗

🔴Vulnerability Details

GHSA

GHSA-h38w-g4mp-rwv7: An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as↗2022-05-24

▶

CVEList

Bypass of snapd pulseaudio restrictions↗2020-12-03

▶

OSV

CVE-2020-16123: An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as↗2020-11-23

▶

📋Vendor Advisories

Ubuntu

PulseAudio vulnerability↗2020-11-23

▶

Red Hat

pulseaudio: race condition in snap policy module allows for information exposure↗2020-11-23

▶

Debian

CVE-2020-16123: pulseaudio - An Ubuntu-specific patch in PulseAudio created a race condition where the snap p...↗2020

▶