snap-confine in snapd before 2.38 incorrectly set the ownership of a snap application to the uid and gid of the first calling user. Consequently, that user had unintended access to a private /tmp directory.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2019/04/25/7 | Third Party Advisory |
https://github.com/snapcore/snapd/commit/bdbfeebef03245176ae0dc323392bb0522a339b1 | Patch Third Party Advisory |
https://www.openwall.com/lists/oss-security/2019/04/18/4 | Mailing List Exploit Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-04-24T20:02:32
Updated: 2019-04-25T17:06:03
Reserved: 2019-04-24T00:00:00
Link: CVE-2019-11502
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-04-24T21:29:00.727
Modified: 2019-05-02T13:35:31.683
Link: CVE-2019-11502
JSON object: View
Redhat Information
No data.
CWE