First published: Thu Feb 17 2022(Updated: )
snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1
Credit: security@ubuntu.com security@ubuntu.com
Affected Software | Affected Version | How to fix |
---|---|---|
Canonical snapd | <=2.54.2 | |
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =20.04 | |
Canonical Ubuntu Linux | =21.10 | |
Fedoraproject Fedora | =34 | |
Fedoraproject Fedora | =35 | |
Debian Debian Linux | =10.0 | |
Debian Debian Linux | =11.0 | |
debian/snapd | 2.37.4-1+deb10u1 2.37.4-1+deb10u3 2.49-1+deb11u2 2.57.6-1 2.61.2-2 | |
ubuntu/snapd | <2.54.3+18.04 | 2.54.3+18.04 |
ubuntu/snapd | <2.54.3+20.04 | 2.54.3+20.04 |
ubuntu/snapd | <2.54.3+21.10.1 | 2.54.3+21.10.1 |
ubuntu/snapd | <2.54.3+14.04~ | 2.54.3+14.04~ |
ubuntu/snapd | <2.54.3 | 2.54.3 |
ubuntu/snapd | <2.54.3+16.04~ | 2.54.3+16.04~ |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-44730 is a vulnerability in snapd 2.54.2 that allows a local attacker to execute arbitrary binaries with escalated privileges by hardlinking the snap-confine binary to another location.
CVE-2021-44730 has a severity score of 8.8, which is considered high.
To fix CVE-2021-44730, update snapd to version 2.54.3+18.04, 2.54.3+20.04, or 2.54.3+21.10.1, depending on your system version.
Versions of snapd up to and including 2.54.2 are affected by CVE-2021-44730.
More information about CVE-2021-44730 can be found at the following references: [Reference 1](http://www.openwall.com/lists/oss-security/2022/02/18/2), [Reference 2](http://www.openwall.com/lists/oss-security/2022/02/23/1), [Reference 3](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QTBN7LLZISXIA4KU4UKDR27Q5PXDS2U/).