The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing the private /tmp mount for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code.
{ "availability": "No subscription needed", "binaries": [ { "snap-confine": "2.57.5+22.04ubuntu0.1", "ubuntu-snappy": "2.57.5+22.04ubuntu0.1", "snapd-xdg-open": "2.57.5+22.04ubuntu0.1", "snapd": "2.57.5+22.04ubuntu0.1", "ubuntu-core-launcher": "2.57.5+22.04ubuntu0.1", "ubuntu-core-snapd-units": "2.57.5+22.04ubuntu0.1", "golang-github-snapcore-snapd-dev": "2.57.5+22.04ubuntu0.1", "ubuntu-snappy-cli": "2.57.5+22.04ubuntu0.1", "golang-github-ubuntu-core-snappy-dev": "2.57.5+22.04ubuntu0.1" } ] }
{ "availability": "No subscription needed", "binaries": [ { "snap-confine": "2.57.5+18.04ubuntu0.1", "ubuntu-snappy": "2.57.5+18.04ubuntu0.1", "snapd-xdg-open": "2.57.5+18.04ubuntu0.1", "snapd": "2.57.5+18.04ubuntu0.1", "ubuntu-core-launcher": "2.57.5+18.04ubuntu0.1", "ubuntu-core-snapd-units": "2.57.5+18.04ubuntu0.1", "golang-github-snapcore-snapd-dev": "2.57.5+18.04ubuntu0.1", "ubuntu-snappy-cli": "2.57.5+18.04ubuntu0.1", "golang-github-ubuntu-core-snappy-dev": "2.57.5+18.04ubuntu0.1" } ] }
{ "availability": "No subscription needed", "binaries": [ { "snap-confine": "2.57.5+20.04ubuntu0.1", "ubuntu-snappy": "2.57.5+20.04ubuntu0.1", "snapd-xdg-open": "2.57.5+20.04ubuntu0.1", "snapd": "2.57.5+20.04ubuntu0.1", "ubuntu-core-launcher": "2.57.5+20.04ubuntu0.1", "ubuntu-core-snapd-units": "2.57.5+20.04ubuntu0.1", "golang-github-snapcore-snapd-dev": "2.57.5+20.04ubuntu0.1", "ubuntu-snappy-cli": "2.57.5+20.04ubuntu0.1", "golang-github-ubuntu-core-snappy-dev": "2.57.5+20.04ubuntu0.1" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "snap-confine": "2.54.3+16.04.0ubuntu0.1~esm5", "ubuntu-snappy": "2.54.3+16.04.0ubuntu0.1~esm5", "snapd-xdg-open": "2.54.3+16.04.0ubuntu0.1~esm5", "snapd": "2.54.3+16.04.0ubuntu0.1~esm5", "ubuntu-core-launcher": "2.54.3+16.04.0ubuntu0.1~esm5", "ubuntu-core-snapd-units": "2.54.3+16.04.0ubuntu0.1~esm5", "golang-github-snapcore-snapd-dev": "2.54.3+16.04.0ubuntu0.1~esm5", "ubuntu-snappy-cli": "2.54.3+16.04.0ubuntu0.1~esm5", "golang-github-ubuntu-core-snappy-dev": "2.54.3+16.04.0ubuntu0.1~esm5" } ] }