CVE-2021-44730

CWE-599 documents6 sources
Severity
8.8HIGH
EPSS
0.0%
top 88.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Canonical Ltd. SnapdCanonical SnapdCanonical Ubuntu Linux+2 more
Timeline
PublishedFeb 17
Latest updateFeb 19

Description

snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 1.1 | Impact: 6.0

Affected Packages3 packages

Debiansnapd< 2.49-1+deb11u1+3
NVDcanonical/snapd2.54.2
CVEListV5canonical_ltd./snapdunspecified2.54.2

Also affects: Debian Linux 10.0, 11.0, Fedora 34, 35, Ubuntu Linux 18.04, 20.04, 21.10

Patches

Patch: ubuntu.comPatch: ubuntu.com

🔴Vulnerability Details

4
GHSA
GHSA-f6xc-44hh-rf46: snapd 22022-02-19
OSV
CVE-2021-44730: snapd 22022-02-17
CVEList
snapd could be made to escalate privileges and run programs as administrator2022-02-17
OSV
snapd vulnerabilities2022-02-17

📋Vendor Advisories

4
Ubuntu
snapd vulnerabilities2022-02-18
Ubuntu
snapd vulnerabilities2022-02-18
Ubuntu
snapd vulnerabilities2022-02-17
Debian
CVE-2021-44730: snapd - snapd 2.54.2 did not properly validate the location of the snap-confine binary. ...2021
CVE-2021-44730 (HIGH CVSS 8.8) | snapd 2.54.2 did not properly valid | cvebase.io