• snapd vulnerabilities

    From bugz_ubuntu@21:4/110 to Ubuntu Users on Wed Jul 15 20:10:02 2020
    snapd vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS
    * Ubuntu 19.10
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    An intended access restriction in snapd could be bypassed by
    strict mode snaps.

    Software Description

    * snapd - Daemon and tooling that enable snap packages

    Details

    It was discovered that cloud-init as managed by snapd on Ubuntu
    Core 16 and Ubuntu Core 18 devices ran on every boot without
    restrictions. A physical attacker could exploit this to craft
    cloud-init user-data/meta-data via external media to perform
    arbitrary changes on the device to bypass intended security
    mechanisms such as full disk encryption. This issue did not affect
    traditional Ubuntu systems. (CVE-2020-11933)

    It was discovered that snapctl user-open allowed altering the
    XDG_DATA_DIRS environment variable when calling the system
    xdg-open. A malicious snap could exploit this to bypass intended
    access restrictions to control how the host system xdg-open script
    opens the URL. This issue did not affect Ubuntu Core systems.
    (CVE-2020-11934)

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    snapd - 2.45.1+20.04.2

    Ubuntu 19.10
    snapd - 2.45.1+19.10.2

    Ubuntu 18.04 LTS
    snapd - 2.45.1+18.04.2

    Ubuntu 16.04 LTS
    snapd - 2.45.1ubuntu0.2

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes. On Ubuntu, snapd will automatically refresh itself to
    snapd 2.45.2 which is unaffected.

    References

    * CVE-2020-11933
    * CVE-2020-11934

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)