CVE-2020-27352

Severity
8.8 HIGH
EPSS
0.1%
top 65.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Jun 21

Description

When generating the systemd service units for the docker snap (and other similar snaps), snapd does not specify Delegate=yes. As a result, when system units are reloaded, systemd moves processes from the containers created and managed by these snaps into the cgroup of the main daemon within the snap itself. This may grant a container within the snap additional privileges that were not originally intended.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Exploitability: 2.5 | Impact: 6.0

Affected Packages: 3 packages

NVD: canonical/snapd < 2.48.3
CVEListV5: canonical_ltd./snapd < 2.48.3
Debian: snapd < 2.49-1+3

Also affects: Ubuntu Linux 16.04, 18.04, 20.04, 20.10

🔴 Vulnerability Details

3
GHSA
GHSA-3hqj-7v65-62fj: When generating the systemd service units for the docker snap (and other similar snaps), snapd does not specify Delegate=yes - as a result systemd wil (2024-06-21)
CVEList
CVE-2020-27352: When generating the systemd service units for the docker snap (and other similar snaps), snapd does not specify Delegate=yes - as a result systemd wil (2024-06-21)
OSV
CVE-2020-27352: When generating the systemd service units for the docker snap (and other similar snaps), snapd does not specify Delegate=yes - as a result systemd wil (2024-06-21)

📋 Vendor Advisories

2
Ubuntu
snapd vulnerability (2021-02-10)
Debian
CVE-2020-27352: snapd - When generating the systemd service units for the docker snap (and other similar... (2020)