CVE-2023-1523
10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-terminal and others are not affected - this can only be exploited when snaps are run on a virtual console.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Canonical Ltd. | snapd | 2.59.5 | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://ubuntu.com/security/notices/USN-6125-1
- https://github.com/snapcore/snapd/pull/12849
- https://marc.info/?l=oss-security&m=167879021709955&w=2
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1523
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: yes
- Technical Impact: total
References
- https://ubuntu.com/security/notices/USN-6125-1
- https://github.com/snapcore/snapd/pull/12849
- https://marc.info/?l=oss-security&m=167879021709955&w=2
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1523
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.