Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for core by Canonical
CVE-2020-11933 (GCVE-0-2020-11933)
Vulnerability from nvd – Published: 2020-07-29 16:25 – Updated: 2024-09-17 00:40
VLAI?
Title
local snapd exploit through cloud-init
Summary
cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659.
Severity ?
7.3 (High)
CWE
- CWE-264 - Permissions, Privileges, and Access Controls
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
Date Public ?
2020-05-19 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://launchpad.net/bugs/1879530"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://ubuntu.com/USN-4424-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "snapd",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.45.2, revision 8539",
"status": "affected",
"version": "2.45.2",
"versionType": "custom"
}
]
},
{
"product": "core",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.45.2, revision 9659",
"status": "affected",
"version": "2.45.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ian Johnson"
}
],
"datePublic": "2020-05-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264 Permissions, Privileges, and Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-29T16:25:25.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://launchpad.net/bugs/1879530"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://ubuntu.com/USN-4424-1"
}
],
"source": {
"advisory": "https://ubuntu.com/USN-4424-1",
"defect": [
"https://launchpad.net/bugs/1879530"
],
"discovery": "INTERNAL"
},
"title": "local snapd exploit through cloud-init",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "",
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2020-05-19T16:34:00.000Z",
"ID": "CVE-2020-11933",
"STATE": "PUBLIC",
"TITLE": "local snapd exploit through cloud-init"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "snapd",
"version": {
"version_data": [
{
"platform": "",
"version_affected": "\u003c",
"version_name": "2.45.2",
"version_value": "2.45.2, revision 8539"
}
]
}
},
{
"product_name": "core",
"version": {
"version_data": [
{
"platform": "",
"version_affected": "\u003c",
"version_name": "2.45.2",
"version_value": "2.45.2, revision 9659"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"configuration": [],
"credit": [
{
"lang": "eng",
"value": "Ian Johnson"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659."
}
]
},
"exploit": [],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264 Permissions, Privileges, and Access Controls"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.net/bugs/1879530",
"refsource": "CONFIRM",
"url": "https://launchpad.net/bugs/1879530"
},
{
"name": "https://ubuntu.com/USN-4424-1",
"refsource": "CONFIRM",
"url": "https://ubuntu.com/USN-4424-1"
}
]
},
"solution": [],
"source": {
"advisory": "https://ubuntu.com/USN-4424-1",
"defect": [
"https://launchpad.net/bugs/1879530"
],
"discovery": "INTERNAL"
},
"work_around": []
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2020-11933",
"datePublished": "2020-07-29T16:25:25.690Z",
"dateReserved": "2020-04-20T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:40:28.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11933 (GCVE-0-2020-11933)
Vulnerability from cvelistv5 – Published: 2020-07-29 16:25 – Updated: 2024-09-17 00:40
VLAI?
Title
local snapd exploit through cloud-init
Summary
cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659.
Severity ?
7.3 (High)
CWE
- CWE-264 - Permissions, Privileges, and Access Controls
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
Date Public ?
2020-05-19 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:42:00.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://launchpad.net/bugs/1879530"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://ubuntu.com/USN-4424-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "snapd",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.45.2, revision 8539",
"status": "affected",
"version": "2.45.2",
"versionType": "custom"
}
]
},
{
"product": "core",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.45.2, revision 9659",
"status": "affected",
"version": "2.45.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ian Johnson"
}
],
"datePublic": "2020-05-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264 Permissions, Privileges, and Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-29T16:25:25.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://launchpad.net/bugs/1879530"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://ubuntu.com/USN-4424-1"
}
],
"source": {
"advisory": "https://ubuntu.com/USN-4424-1",
"defect": [
"https://launchpad.net/bugs/1879530"
],
"discovery": "INTERNAL"
},
"title": "local snapd exploit through cloud-init",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "",
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2020-05-19T16:34:00.000Z",
"ID": "CVE-2020-11933",
"STATE": "PUBLIC",
"TITLE": "local snapd exploit through cloud-init"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "snapd",
"version": {
"version_data": [
{
"platform": "",
"version_affected": "\u003c",
"version_name": "2.45.2",
"version_value": "2.45.2, revision 8539"
}
]
}
},
{
"product_name": "core",
"version": {
"version_data": [
{
"platform": "",
"version_affected": "\u003c",
"version_name": "2.45.2",
"version_value": "2.45.2, revision 9659"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"configuration": [],
"credit": [
{
"lang": "eng",
"value": "Ian Johnson"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659."
}
]
},
"exploit": [],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264 Permissions, Privileges, and Access Controls"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.net/bugs/1879530",
"refsource": "CONFIRM",
"url": "https://launchpad.net/bugs/1879530"
},
{
"name": "https://ubuntu.com/USN-4424-1",
"refsource": "CONFIRM",
"url": "https://ubuntu.com/USN-4424-1"
}
]
},
"solution": [],
"source": {
"advisory": "https://ubuntu.com/USN-4424-1",
"defect": [
"https://launchpad.net/bugs/1879530"
],
"discovery": "INTERNAL"
},
"work_around": []
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2020-11933",
"datePublished": "2020-07-29T16:25:25.690Z",
"dateReserved": "2020-04-20T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:40:28.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}