USN-4424-1: snapd vulnerabilities
It was discovered that cloud-init as managed by snapd on Ubuntu Core 16 and
Ubuntu Core 18 devices ran on every boot without restrictions. A physical
attacker could exploit this to craft cloud-init user-data/meta-data via
external media to perform arbitrary changes on the device to bypass
intended security mechanisms such as full disk encryption. This issue did
not affect traditional Ubuntu systems. (CVE-2020-11933)
It was discovered that snapctl user-open allowed altering the XDG_DATA_DIRS
environment variable when calling the system xdg-open. A malicious snap
could exploit this to bypass intended access restrictions to control how
the host system xdg-open script opens the URL. This issue did not affect
Ubuntu Core systems. (CVE-2020-11934)
Source: USN-4424-1: snapd vulnerabilities
Leave a Reply