Strix
26.1K

CVE-2024-29069

HIGHCVSS 7.3/10EPSS 0.23%

Last modified

CVE-2024-29069 is a high-severity vulnerability rated 7.3/10 on the CVSS scale. In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format is a squashfs file-system image and so can contain symbolic links and other file types. EPSS estimates a 0.23% chance of exploitation in the next 30 days.

Description

In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format is a squashfs file-system image and so can contain symbolic links and other file types. Various file entries within the snap squashfs image (such as icons and desktop files etc) are directly read by snapd when it is extracted. An attacker who could convince a user to install a malicious snap which contained symbolic links at these paths could then cause snapd to write out the contents of the symbolic link destination into a world-readable directory. This in-turn could allow an unprivileged user to gain access to privileged information.

Metrics

CVSS 3.1
7.3/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS Probability
0.23%

13.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CanonicalSnapd< 2.62

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2024-29069?
In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format is a squashfs file-system image and so can contain symbolic links and other file types. Various file entries within the snap squashfs image (such as icons and desktop files etc) are directly read by snapd when it is extracted. An attacker who could convince a user to install a malicious snap which contained symbolic links at these paths could then cause snapd to write out the contents of the symbolic link destination into a world-readable directory. This in-turn could allow an unprivileged user to gain access to privileged information.
How severe is CVE-2024-29069?
CVE-2024-29069 has a CVSS score of 7.3/10 (HIGH severity). The EPSS model estimates a 0.23% probability of exploitation in the next 30 days.
How do I fix CVE-2024-29069?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2024-29069?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST