CVE-2017-14178

Summary

In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to call journalctl without match arguments and therefore allow unprivileged, unauthenticated users to bypass systemd-journald's access restrictions.

Affected Software

VendorProductVersion RangeStatus
n/asnapd2.27 through 2.29.2affected

Weaknesses

  • Information leak

ADP Enrichment

CVE Program Container

Additional References

References