CVE-2020-27348

MEDIUM

snapcraft <4.4.4, <2.43.1+16.04.1, <2.43.1+18.04.1 - RCE


Description

Under some conditions, a snap package built by snapcraft includes the current directory in LD_LIBRARY_PATH (an untrusted search path, CWE-427), allowing a malicious snap to gain code execution within the context of another snap if both plug the home interface or a similar interface that exposes a shared writable directory. This issue affects snapcraft versions prior to 4.4.4, prior to 2.43.1+16.04.1, and prior to 2.43.1+18.04.1.

References (3)

https://github.com/snapcore/snapcraft/pull/3345 (Third Party Advisory; x_refsource_misc)
https://usn.ubuntu.com/usn/usn-4661-1 (Patch, Third Party Advisory; x_refsource_misc)
https://bugs.launchpad.net/bugs/1901572 (Exploit, Issue Tracking, Third Party Advisory; x_refsource_misc)

Scores

CVSS v3 6.8
EPSS 0.0006
EPSS Percentile 20.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L

Details

CWE
CWE-427
Status published
Products (4)
canonical/snapcraft < 4.4.4
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 18.04
pypi/snapcraft 0 - 4.4.4 (PyPI)
Published Dec 04, 2020
Tracked Since Feb 18, 2026