CVE-2024-1724

Published: Jul 25, 2024

Modified: Aug 1, 2024

PUBLISHED

CVSS v3.1

6.3

MEDIUM

Description

In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatically added to the users PATH. An attacker who could convince a user to install a malicious snap which used the 'home' plug could use this vulnerability to install arbitrary scripts into the users PATH which may then be run by the user outside of the expected snap sandbox and hence allow them to escape confinement.

Vendor	Product	Versions
Canonical	snap	affected `0 - < 2.62`

Weaknesses (CWE)

CWE-732

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

Low

References

https://github.com/snapcore/snapd/commit/aa191f97713de8dc3ce3ac818539f0b976eb8ef6

https://gld.mcphail.uk/posts/explaining-cve-2024-1724/

https://github.com/snapcore/snapd/pull/13689

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-1724

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References