Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-terminal and others are not affected - this can only be exploited when snaps are run on a virtual console.
References
Link | Resource |
---|---|
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1523 | Third Party Advisory |
https://github.com/snapcore/snapd/pull/12849 | Issue Tracking Patch |
https://marc.info/?l=oss-security&m=167879021709955&w=2 | Exploit Mailing List |
https://ubuntu.com/security/notices/USN-6125-1 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: canonical
Published: 2023-09-01T18:41:47.820Z
Updated: 2023-09-01T18:41:47.820Z
Reserved: 2023-03-20T17:41:17.600Z
Link: CVE-2023-1523
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-01T19:15:42.707
Modified: 2023-09-08T17:17:40.033
Link: CVE-2023-1523
JSON object: View
Redhat Information
No data.
CWE