CVE-2022-3328

HIGH

snap-confine - Buffer Overflow

Title source: llm

Description

Race condition in snap-confine's must_mkdir_and_open_with_perms()

Exploits (1)

nomisec WRITEUP 4 stars
by Mr-xn · poc
https://github.com/Mr-xn/CVE-2022-3328

References (2)

Scores

CVSS v3 7.8
EPSS 0.0006
EPSS Percentile 18.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Details

CWE
CWE-362
Status published
Products (7)
canonical/snapd < 2.61.1
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 18.04
canonical/ubuntu_linux 20.04
canonical/ubuntu_linux 22.04
canonical/ubuntu_linux 22.10
snapcore/snapd 0 - 2.57.6Go
Published Jan 08, 2024
Tracked Since Feb 18, 2026