Vulnerability Description
In some conditions, a snap package built by snapcraft includes the current directory in LD_LIBRARY_PATH, allowing a malicious snap to gain code execution within the context of another snap if both plug the home interface or similar. This issue affects snapcraft versions prior to 4.4.4, prior to 2.43.1+16.04.1, and prior to 2.43.1+18.04.1.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Canonical | Snapcraft | < 4.4.4 |
| Canonical | Ubuntu Linux | 16.04 |
Related Weaknesses (CWE)
References
- https://bugs.launchpad.net/bugs/1901572ExploitIssue TrackingThird Party Advisory
- https://github.com/snapcore/snapcraft/pull/3345Third Party Advisory
- https://usn.ubuntu.com/usn/usn-4661-1PatchThird Party Advisory
- https://bugs.launchpad.net/bugs/1901572ExploitIssue TrackingThird Party Advisory
- https://github.com/snapcore/snapcraft/pull/3345Third Party Advisory
- https://usn.ubuntu.com/usn/usn-4661-1PatchThird Party Advisory
FAQ
What is CVE-2020-27348?
CVE-2020-27348 is a vulnerability with a CVSS score of 6.8 (MEDIUM). In some conditions, a snap package built by snapcraft includes the current directory in LD_LIBRARY_PATH, allowing a malicious snap to gain code execution within the context of another snap if both plu...
How severe is CVE-2020-27348?
CVE-2020-27348 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-27348?
Check the references section above for vendor advisories and patch information. Affected products include: Canonical Snapcraft, Canonical Ubuntu Linux.