Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for core by Canonical

    CVE-2020-11933 (GCVE-0-2020-11933)

    Vulnerability from nvd – Published: 2020-07-29 16:25 – Updated: 2024-09-17 00:40
    VLAI
    Title
    local snapd exploit through cloud-init
    Summary
    cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659.
    CWE
    • CWE-264 - Permissions, Privileges, and Access Controls
    Assigner
    References
    URL Tags
    https://launchpad.net/bugs/1879530 x_refsource_CONFIRM
    https://ubuntu.com/USN-4424-1 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Canonical snapd Affected: 2.45.2 , < 2.45.2, revision 8539 (custom)
    Create a notification for this product.
    Canonical core Affected: 2.45.2 , < 2.45.2, revision 9659 (custom)
    Create a notification for this product.
    Date Public
    2020-05-19 00:00
    Credits
    Ian Johnson
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:42:00.821Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://launchpad.net/bugs/1879530"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://ubuntu.com/USN-4424-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "snapd",
              "vendor": "Canonical",
              "versions": [
                {
                  "lessThan": "2.45.2, revision 8539",
                  "status": "affected",
                  "version": "2.45.2",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "core",
              "vendor": "Canonical",
              "versions": [
                {
                  "lessThan": "2.45.2, revision 9659",
                  "status": "affected",
                  "version": "2.45.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Ian Johnson"
            }
          ],
          "datePublic": "2020-05-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "NONE",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-264",
                  "description": "CWE-264 Permissions, Privileges, and Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-29T16:25:25.000Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://launchpad.net/bugs/1879530"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://ubuntu.com/USN-4424-1"
            }
          ],
          "source": {
            "advisory": "https://ubuntu.com/USN-4424-1",
            "defect": [
              "https://launchpad.net/bugs/1879530"
            ],
            "discovery": "INTERNAL"
          },
          "title": "local snapd exploit through cloud-init",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "",
              "ASSIGNER": "security@ubuntu.com",
              "DATE_PUBLIC": "2020-05-19T16:34:00.000Z",
              "ID": "CVE-2020-11933",
              "STATE": "PUBLIC",
              "TITLE": "local snapd exploit through cloud-init"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "snapd",
                          "version": {
                            "version_data": [
                              {
                                "platform": "",
                                "version_affected": "\u003c",
                                "version_name": "2.45.2",
                                "version_value": "2.45.2, revision 8539"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "core",
                          "version": {
                            "version_data": [
                              {
                                "platform": "",
                                "version_affected": "\u003c",
                                "version_name": "2.45.2",
                                "version_value": "2.45.2, revision 9659"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Canonical"
                  }
                ]
              }
            },
            "configuration": [],
            "credit": [
              {
                "lang": "eng",
                "value": "Ian Johnson"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659."
                }
              ]
            },
            "exploit": [],
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "NONE",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-264 Permissions, Privileges, and Access Controls"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://launchpad.net/bugs/1879530",
                  "refsource": "CONFIRM",
                  "url": "https://launchpad.net/bugs/1879530"
                },
                {
                  "name": "https://ubuntu.com/USN-4424-1",
                  "refsource": "CONFIRM",
                  "url": "https://ubuntu.com/USN-4424-1"
                }
              ]
            },
            "solution": [],
            "source": {
              "advisory": "https://ubuntu.com/USN-4424-1",
              "defect": [
                "https://launchpad.net/bugs/1879530"
              ],
              "discovery": "INTERNAL"
            },
            "work_around": []
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2020-11933",
        "datePublished": "2020-07-29T16:25:25.690Z",
        "dateReserved": "2020-04-20T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:40:28.129Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11933 (GCVE-0-2020-11933)

    Vulnerability from cvelistv5 – Published: 2020-07-29 16:25 – Updated: 2024-09-17 00:40
    VLAI
    Title
    local snapd exploit through cloud-init
    Summary
    cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659.
    CWE
    • CWE-264 - Permissions, Privileges, and Access Controls
    Assigner
    References
    URL Tags
    https://launchpad.net/bugs/1879530 x_refsource_CONFIRM
    https://ubuntu.com/USN-4424-1 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Canonical snapd Affected: 2.45.2 , < 2.45.2, revision 8539 (custom)
    Create a notification for this product.
    Canonical core Affected: 2.45.2 , < 2.45.2, revision 9659 (custom)
    Create a notification for this product.
    Date Public
    2020-05-19 00:00
    Credits
    Ian Johnson
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:42:00.821Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://launchpad.net/bugs/1879530"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://ubuntu.com/USN-4424-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "snapd",
              "vendor": "Canonical",
              "versions": [
                {
                  "lessThan": "2.45.2, revision 8539",
                  "status": "affected",
                  "version": "2.45.2",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "core",
              "vendor": "Canonical",
              "versions": [
                {
                  "lessThan": "2.45.2, revision 9659",
                  "status": "affected",
                  "version": "2.45.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Ian Johnson"
            }
          ],
          "datePublic": "2020-05-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "NONE",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-264",
                  "description": "CWE-264 Permissions, Privileges, and Access Controls",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-29T16:25:25.000Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://launchpad.net/bugs/1879530"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://ubuntu.com/USN-4424-1"
            }
          ],
          "source": {
            "advisory": "https://ubuntu.com/USN-4424-1",
            "defect": [
              "https://launchpad.net/bugs/1879530"
            ],
            "discovery": "INTERNAL"
          },
          "title": "local snapd exploit through cloud-init",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "",
              "ASSIGNER": "security@ubuntu.com",
              "DATE_PUBLIC": "2020-05-19T16:34:00.000Z",
              "ID": "CVE-2020-11933",
              "STATE": "PUBLIC",
              "TITLE": "local snapd exploit through cloud-init"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "snapd",
                          "version": {
                            "version_data": [
                              {
                                "platform": "",
                                "version_affected": "\u003c",
                                "version_name": "2.45.2",
                                "version_value": "2.45.2, revision 8539"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "core",
                          "version": {
                            "version_data": [
                              {
                                "platform": "",
                                "version_affected": "\u003c",
                                "version_name": "2.45.2",
                                "version_value": "2.45.2, revision 9659"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Canonical"
                  }
                ]
              }
            },
            "configuration": [],
            "credit": [
              {
                "lang": "eng",
                "value": "Ian Johnson"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659."
                }
              ]
            },
            "exploit": [],
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "NONE",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-264 Permissions, Privileges, and Access Controls"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://launchpad.net/bugs/1879530",
                  "refsource": "CONFIRM",
                  "url": "https://launchpad.net/bugs/1879530"
                },
                {
                  "name": "https://ubuntu.com/USN-4424-1",
                  "refsource": "CONFIRM",
                  "url": "https://ubuntu.com/USN-4424-1"
                }
              ]
            },
            "solution": [],
            "source": {
              "advisory": "https://ubuntu.com/USN-4424-1",
              "defect": [
                "https://launchpad.net/bugs/1879530"
              ],
              "discovery": "INTERNAL"
            },
            "work_around": []
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2020-11933",
        "datePublished": "2020-07-29T16:25:25.690Z",
        "dateReserved": "2020-04-20T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:40:28.129Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }