CVE-2021-44731
HIGHsnapd < 2.54.3 - Local Privilege Escalation via Race Condition in snap-confine
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2021-44731. PoCs published by deeexcee-io.
AI-analyzed exploit summary This repository contains a functional local privilege escalation (LPE) exploit for CVE-2021-44731, targeting vulnerable versions of snap-confine (2.54.2 and lower). The exploit leverages improper SUID handling to gain root access via a reverse shell.
Description
A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitrary code and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1
Exploits (1)
This repository contains a functional local privilege escalation (LPE) exploit for CVE-2021-44731, targeting vulnerable versions of snap-confine (2.54.2 and lower). The exploit leverages improper SUID handling to gain root access via a reverse shell.
References (10)
Scores
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H