USN-5292-1 fixed vulnerabilities in snapd. This update provides the
corresponding update for the riscv64 architecture.
Original advisory details:
James Troup discovered that snap did not properly manage the permissions for
the snap directories. A local attacker could possibly use this issue to expose
sensitive information. (CVE-2021-3155)
Ian Johnson discovered that snapd did not properly validate content interfaces
and layout paths. A local attacker could possibly use this issue to inject
arbitrary AppArmor policy rules, resulting in a bypass of intended access
restrictions. (CVE-2021-4120)
The Qualys Research Team discovered that snapd did not properly validate the
location of the snap-confine binary. A local attacker could possibly use this
issue to execute other arbitrary binaries and escalate privileges.
(CVE-2021-44730)
The Qualys Research Team discovered that a race condition existed in the snapd
snap-confine binary when preparing a private mount namespace for a snap. A
local attacker could possibly use this issue to escalate privileges and
execute arbitrary code. (CVE-2021-44731)
More Stories
gdcm-3.0.23-5.fc39
FEDORA-2024-11821b16ac Packages in this update: gdcm-3.0.23-5.fc39 Update description: Security fixes TALOS-2024-1924, CVE-2024-22391: heap overflow TALOS-2024-1935, CVE-2024-22373: out-of-bounds write TALOS-2024-1944, CVE-2024-25569:...
gdcm-3.0.12-7.el9
FEDORA-EPEL-2024-f5884f808a Packages in this update: gdcm-3.0.12-7.el9 Update description: Security fixes TALOS-2024-1924, CVE-2024-22391: heap overflow TALOS-2024-1935, CVE-2024-22373: out-of-bounds write TALOS-2024-1944, CVE-2024-25569:...
gdcm-3.0.21-4.fc38
FEDORA-2024-7a57842ec3 Packages in this update: gdcm-3.0.21-4.fc38 Update description: Security fixes TALOS-2024-1924, CVE-2024-22391: heap overflow TALOS-2024-1935, CVE-2024-22373: out-of-bounds write TALOS-2024-1944, CVE-2024-25569:...
gdcm-3.0.23-5.fc40
FEDORA-2024-fae33e6e9f Packages in this update: gdcm-3.0.23-5.fc40 Update description: Security fixes TALOS-2024-1924, CVE-2024-22391: heap overflow TALOS-2024-1935, CVE-2024-22373: out-of-bounds write TALOS-2024-1944, CVE-2024-25569:...
gdcm-3.0.23-5.fc41
FEDORA-2024-c5909efa5c Packages in this update: gdcm-3.0.23-5.fc41 Update description: Automatic update for gdcm-3.0.23-5.fc41. Changelog * Fri Apr 26 2024 Sandro <devel@penguinpee.nl>...
ZDI-CAN-23681: Luxion
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2024-04-26, 0 days...