Untriaged
Permalink
CVE-2020-27352
9.3 CRITICAL
- CVSS version: 3.1
- Attack vector (AV): LOCAL
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): CHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
When generating the systemd service units for the docker snap …
When generating the systemd service units for the docker snap (and other similar snaps), snapd does not specify Delegate=yes - as a result systemd will move processes from the containers created and managed by these snaps into the cgroup of the main daemon within the snap itself when reloading system units. This may grant additional privileges to a container within the snap that were not originally intended.
References
- https://bugs.launchpad.net/snapd/+bug/1910456 issue-tracking
- https://ubuntu.com/security/notices/USN-4728-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-27352 issue-tracking
- https://bugs.launchpad.net/snapd/+bug/1910456 issue-tracking
- https://ubuntu.com/security/notices/USN-4728-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-27352 issue-tracking
- https://bugs.launchpad.net/snapd/+bug/1910456 issue-tracking
- https://ubuntu.com/security/notices/USN-4728-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-27352 issue-tracking
- https://www.cve.org/CVERecord?id=CVE-2020-27352 issue-tracking x_transferred
- https://bugs.launchpad.net/snapd/+bug/1910456 issue-tracking x_transferred
- https://ubuntu.com/security/notices/USN-4728-1 vendor-advisory x_transferred
Affected products
snapd
- <2.48.3
Matching in nixpkgs
pkgs.snapdragon-profiler
Profiler for Android devices running Snapdragon chips
-
nixos-unstable -
- nixpkgs-unstable 2021.2