Lucene search

DebianDEBIAN:DSA-5080-1:7A581

HistoryFeb 18, 2022 - 7:03 p.m.

[SECURITY] [DSA 5080-1] snapd security update

2022-02-1819:03:16

lists.debian.org

snapd

access restrictions

privilege escalation

debian

cve-2021-44730

cve-2021-44731

update

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

17.3%

JSON

Debian Security Advisory DSA-5080-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
February 18, 2022 https://www.debian.org/security/faq

Package : snapd
CVE ID : CVE-2021-44730 CVE-2021-44731

Multiple vulnerabilties were discovered in snapd, a daemon and tooling
that enable Snap packages, which could result in bypass of access
restrictions or privilege escalation.

For the oldstable distribution (buster), these problems have been fixed
in version 2.37.4-1+deb10u1.

For the stable distribution (bullseye), these problems have been fixed in
version 2.49-1+deb11u1.

We recommend that you upgrade your snapd packages.

For the detailed security status of snapd please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/snapd

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian10arm64snap-confine< 2.37.4-1+deb10u1snap-confine_2.37.4-1+deb10u1_arm64.deb
Debian11armhfsnap-confine< 2.49-1+deb11u1snap-confine_2.49-1+deb11u1_armhf.deb
Debian11s390xsnapd-dbgsym< 2.49-1+deb11u1snapd-dbgsym_2.49-1+deb11u1_s390x.deb
Debian11amd64snap-confine< 2.49-1+deb11u1snap-confine_2.49-1+deb11u1_amd64.deb
Debian10armhfubuntu-core-launcher< 2.37.4-1+deb10u1ubuntu-core-launcher_2.37.4-1+deb10u1_armhf.deb
Debian11amd64ubuntu-core-launcher< 2.49-1+deb11u1ubuntu-core-launcher_2.49-1+deb11u1_amd64.deb
Debian11amd64snapd< 2.49-1+deb11u1snapd_2.49-1+deb11u1_amd64.deb
Debian11s390xubuntu-core-launcher< 2.49-1+deb11u1ubuntu-core-launcher_2.49-1+deb11u1_s390x.deb
Debian10ppc64elsnapd< 2.37.4-1+deb10u1snapd_2.37.4-1+deb10u1_ppc64el.deb
Debian10armelsnapd< 2.37.4-1+deb10u1snapd_2.37.4-1+deb10u1_armel.deb

OS	Version	Architecture	Package	Version	Filename
Debian	10	arm64	snap-confine	< 2.37.4-1+deb10u1	snap-confine_2.37.4-1+deb10u1_arm64.deb
Debian	11	armhf	snap-confine	< 2.49-1+deb11u1	snap-confine_2.49-1+deb11u1_armhf.deb
Debian	11	s390x	snapd-dbgsym	< 2.49-1+deb11u1	snapd-dbgsym_2.49-1+deb11u1_s390x.deb
Debian	11	amd64	snap-confine	< 2.49-1+deb11u1	snap-confine_2.49-1+deb11u1_amd64.deb
Debian	10	armhf	ubuntu-core-launcher	< 2.37.4-1+deb10u1	ubuntu-core-launcher_2.37.4-1+deb10u1_armhf.deb
Debian	11	amd64	ubuntu-core-launcher	< 2.49-1+deb11u1	ubuntu-core-launcher_2.49-1+deb11u1_amd64.deb
Debian	11	amd64	snapd	< 2.49-1+deb11u1	snapd_2.49-1+deb11u1_amd64.deb
Debian	11	s390x	ubuntu-core-launcher	< 2.49-1+deb11u1	ubuntu-core-launcher_2.49-1+deb11u1_s390x.deb
Debian	10	ppc64el	snapd	< 2.37.4-1+deb10u1	snapd_2.37.4-1+deb10u1_ppc64el.deb
Debian	10	armel	snapd	< 2.37.4-1+deb10u1	snapd_2.37.4-1+deb10u1_armel.deb