Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Sandbox escape vulnerability via snapctl user-open (xdg-open)
Vulnerability Description
It was discovered that snapctl user-open allowed altering the $XDG_DATA_DIRS environment variable when calling the system xdg-open. OpenURL() in usersession/userd/launcher.go would alter $XDG_DATA_DIRS to append a path to a directory controlled by the calling snap. A malicious snap could exploit this to bypass intended access restrictions to control how the host system xdg-open script opens the URL and, for example, execute a script shipped with the snap without confinement. This issue did not affect Ubuntu Core systems. Fixed in snapd versions 2.45.1ubuntu0.2, 2.45.1+18.04.2 and 2.45.1+20.04.2.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N
Vulnerability Type
N/A
Vulnerability Title
Canonical snapd 安全漏洞
Vulnerability Description
Canonical snapd是英国科能(Canonical)公司的一套软件部署和包管理系统。 Canonical snapd中存在安全漏洞,该漏洞源于snapctl user-open允许在调用系统xdg-open时更改$XDG_DATA_DIRS环境变量。攻击者可利用该漏洞绕过访问限制,以控制主机系统xdg-open脚本打开URL的方式。
CVSS Information
N/A
Vulnerability Type
N/A