CVEs-PoC/2021/CVE-2021-44731.md at main

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-02-12 18:42:46 +00:00

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

1.3 KiB

Raw Permalink Blame History

CVE-2021-44731

Description

A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitrary code and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1

POC

Reference

http://packetstormsecurity.com/files/170176/snap-confine-must_mkdir_and_open_with_perms-Race-Condition.html
http://www.openwall.com/lists/oss-security/2022/02/23/1

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/bollwarm/SecToolSet
https://github.com/deeexcee-io/CVE-2021-44731-snap-confine-SUID
https://github.com/teresaweber685/book_list

1.3 KiB Raw Permalink Blame History

CVE-2021-44731

Description

POC

Reference

Github

1.3 KiB

Raw Permalink Blame History