Security
Headlines

Headlines Latest CVEs

Headline

GHSA-4mh8-9689-38vr: snapd failed to restrict writes to the $HOME/bin path

In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatically added to the users PATH. An attacker who could convince a user to install a malicious snap which used the ‘home’ plug could use this vulnerability to install arbitrary scripts into the users PATH which may then be run by the user outside of the expected snap sandbox and hence allow them to escape confinement.

4 months ago

#vulnerability #ubuntu #git

GitHub Advisory Database
GitHub Reviewed
CVE-2024-1724

snapd failed to restrict writes to the $HOME/bin path

Moderate severity GitHub Reviewed Published Jul 25, 2024 to the GitHub Advisory Database • Updated Jul 26, 2024

Package

gomod github.com/snapcore/snapd (Go)

Published to the GitHub Advisory Database

Jul 25, 2024

Last updated

Jul 26, 2024

ghsa: Latest News

GHSA-27wf-5967-98gx: Kubernetes kubelet arbitrary command execution

1 day ago

GHSA-mr95-vfcf-fx9p: Apache Answer: Predictable Authorization Token Using UUIDv1

1 day ago

GHSA-pqhp-25j4-6hq9: smol-toml has a Denial of Service via malicious TOML document using deeply nested inline tables

1 day ago

GHSA-v5h2-q2w4-gpcx: Sentry improper error handling leaks Application Integration Client Secret

1 day ago

GHSA-8w49-h785-mj3c: Tornado has an HTTP cookie parsing DoS vulnerability

1 day ago