QwikSec

Security Database

CVE

CWE

Training

CVE-2021-44731

Published: Feb 17, 2022

Modified: Aug 4, 2024

PUBLISHED

CVSS v3.1

7.8

HIGH

Description

A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitrary code and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1

Vendor	Product	Versions
Canonical Ltd.	snapd	affected `unspecified - <= 2.54.2`

Weaknesses (CWE)

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

References

https://ubuntu.com/security/notices/USN-5292-1

[oss-security] 20220218 CVE-2021-4120: Insufficient validation of snap content interface and layout paths

mailing-list

FEDORA-2022-82bea71e5a

vendor-advisory

FEDORA-2022-5df8b52ba4

vendor-advisory

vendor-advisory

[oss-security] 20220223 Re: CVE-2021-44731: Race condition in snap-confine's setup_private_mount()

mailing-list

[oss-security] 20220223 Re: CVE-2021-44731: Race condition in snap-confine's setup_private_mount()

mailing-list

[oss-security] 20221130 Race condition in snap-confine's must_mkdir_and_open_with_perms() (CVE-2022-3328)

mailing-list

20221208 Race condition in snap-confine's must_mkdir_and_open_with_perms() (CVE-2022-3328)

mailing-list

http://packetstormsecurity.com/files/170176/snap-confine-must_mkdir_and_open_with_perms-Race-Condition.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.