CVEs related to bugs in snapd

Open bugs

Bug CVE(s)
Bug #1721223: Networkd fail to set ip address between leases if ip address changes on UbuntuCore CVE-2017-15908
snapd Fix committed by Michael Vogt
Bug #1746463: apparmor profile load in stacked policy container fails CVE-2017-0861
CVE-2017-1000405
CVE-2017-1000407
CVE-2017-15129
CVE-2017-16994
CVE-2017-17448
CVE-2017-17450
CVE-2017-17741
CVE-2017-17805
CVE-2017-17806
CVE-2017-17807
CVE-2017-5715
CVE-2017-5753
CVE-2017-5754
CVE-2018-1000026
CVE-2018-5332
CVE-2018-5333
CVE-2018-5344
snapd Triaged (unassigned)
Bug #1928567: Inconsistent output for "snap refresh"/"snap refresh <specific_snap>" CVE-2023-4863
snapd Triaged (unassigned)
Bug #1980861: Please enable CONFIG_SQUASHFS_DECOMP_MULTI_PERCPU CVE-2022-2978
snapd New (unassigned)
Bug #1998538: userd: xdg-open of help URLs no longer work CVE-2020-11934
snapd New, assigned to Sergio Costas

Resolved bugs

Bug CVE(s)
Bug #1567597: implement 'complain mode' in seccomp for developer mode with snaps CVE-2017-1000252
CVE-2017-10663
CVE-2017-10911
CVE-2017-11176
CVE-2017-14340
snapd Fix released, assigned to Tyler Hicks
Bug #1721676: implement errno action logging in seccomp for strict mode with snaps CVE-2017-1000252
CVE-2017-10663
CVE-2017-10911
CVE-2017-11176
CVE-2017-14340
snapd Fix released, assigned to Tyler Hicks
Bug #1730255: snapd gives all users access to system logs CVE-2017-14178
snapd Fix released, assigned to John Lenton
Bug #1812973: snap: seccomp blacklist for TIOCSTI can be circumvented CVE-2019-7303
snapd Fix released, assigned to Zygmunt Krynicki
Bug #1813365: Local privilege escalation via snapd socket CVE-2019-7304
snapd Fix released, assigned to Zygmunt Krynicki
Bug #1840375: groupdel doesn't support extrausers CVE-2018-7169
snapd Fix released, assigned to Michael Vogt
Bug #1879530: ubuntu core cloud-init allows infinite creation of sudo users CVE-2020-11933
snapd Fix released, assigned to Ian Johnson
Bug #1880085: snap userd's OpenURL method allows sandox escape CVE-2020-11934
snapd Fix released (unassigned)
Bug #1900693: snapd cannot refresh on some SD cards due to uboot bug CVE-2020-8432
snapd Fix released, assigned to Samuele Pedroni
Bug #1910298: ~/snap directory should be o0700 CVE-2021-3155
snapd Fix released, assigned to Miguel Pires
Bug #1910456: container management snaps should have Delegate=true in their systemd unit CVE-2019-5736
CVE-2020-15257
CVE-2020-27352
snapd Fix released, assigned to Ian Johnson
Bug #1949368: snapd fails to validate content interface settings, resulting in sandbox escape CVE-2021-4120
snapd Fix released (unassigned)