Description

When generating the systemd service units for the docker snap (and other similar snaps), snapd does not specify Delegate=yes - as a result systemd will move processes from the containers created and managed by these snaps into the cgroup of the main daemon within the snap itself when reloading system units. This may grant additional privileges to a container within the snap that were not originally intended.

INFO

Published Date :

2024-06-21T20:06:37.992Z

Last Modified :

2024-08-04T16:11:36.612Z

Source :

canonical
AFFECTED PRODUCTS

The following products are affected by CVE-2020-27352 vulnerability.

Vendors Products
Canonical
  • Snapd
  • Ubuntu Linux
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2020-27352.

URL Resource
https://bugs.launchpad.net/snapd/+bug/1910456 cve-icon cve-icon cve-icon
https://ubuntu.com/security/notices/USN-4728-1 cve-icon cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2020-27352 cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact