CVE-2019-7303

A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl(2) commands on a 64-bit platform; however, the Linux kernel only uses the lower 32 bits to determine which ioctl(2) commands to run. This issue affects: Canonical snapd versions prior to 2.37.4.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
canonicalCNA
5.7 MEDIUM
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
VendorProductVersion
canonicalsnapd
𝑥
< 2.37.4
canonicalubuntu_linux
14.04
canonicalubuntu_linux
16.04
canonicalubuntu_linux
18.04
canonicalubuntu_linux
18.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
snapd
bullseye (security)
2.49-1+deb11u2
fixed
bullseye
2.49-1+deb11u2
fixed
stretch
no-dsa
bookworm
2.57.6-1
fixed
sid
2.65.3-1
fixed
trixie
2.65.3-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
snapd
cosmic
Fixed 2.37.4+18.10
released
bionic
Fixed 2.37.4+18.04
released
xenial
Fixed 2.37.4
released
trusty
Fixed 2.37.4~14.04
released
Common Weakness Enumeration
References
https://usn.ubuntu.com/3917-1/
https://www.exploit-db.com/exploits/46594
https://usn.ubuntu.com/3917-1/
https://www.exploit-db.com/exploits/46594