what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice USN-4728-1

Ubuntu Security Notice USN-4728-1
Posted Feb 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4728-1 - Gilad Reti discovered that snapd did not correctly specify cgroup delegation when generating systemd service units for various container management snaps. This could allow a local attacker to escalate privileges via access to arbitrary devices of the container host from within a compromised or malicious container.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2020-27352
SHA-256 | f62b67ef889b9ee520de0fe63f88fb82946d64b109047879e30516ab1bbfe140

Ubuntu Security Notice USN-4728-1

Change Mirror Download
=========================================================================
Ubuntu Security Notice USN-4728-1
February 10, 2021

snapd vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

An intended access restriction in snapd could be bypassed by container
management snaps.

Software Description:
- snapd: Daemon and tooling that enable snap packages

Details:

Gilad Reti discovered that snapd did not correctly specify cgroup
delegation when generating systemd service units for various container
management snaps. This could allow a local attacker to escalate privileges
via access to arbitrary devices of the container host from within a
compromised or malicious container.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
snapd 2.48.3+20.10

Ubuntu 20.04 LTS:
snapd 2.48.3+20.04

Ubuntu 18.04 LTS:
snapd 2.48.3+18.04

Ubuntu 16.04 LTS:
snapd 2.48.3

In general, a standard system update will make all the necessary changes.
On Ubuntu, snapd will automatically refresh itself to snapd 2.48.3 which is
unaffected. Affected container management snaps will also automatically
refresh which will restart containers and resolve this vulnerability.

References:
https://usn.ubuntu.com/4728-1
CVE-2020-27352

Package Information:
https://launchpad.net/ubuntu/+source/snapd/2.48.3+20.10
https://launchpad.net/ubuntu/+source/snapd/2.48.3+20.04
https://launchpad.net/ubuntu/+source/snapd/2.48.3+18.04
https://launchpad.net/ubuntu/+source/snapd/2.48.3
Login or Register to add favorites

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close