CVE-2016-1580
Publication date 29 April 2016
Last updated 24 July 2024
Ubuntu priority
The setup_snappy_os_mounts function in the ubuntu-core-launcher package before 1.0.27.1 improperly determines the mount point of bind mounts when using snaps, which might allow remote attackers to obtain sensitive information or gain privileges via a snap with a name starting with "ubuntu-core."
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| ubuntu-core-launcher | 16.04 LTS xenial |
Fixed 1.0.27.1
|
| 14.04 LTS trusty | Not in release | |
Notes
jdstrand
introduced in r83 only affects non-Ubuntu Core systems (ie, traditional Ubuntu systems running snappy)
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
9.8 · Critical
|
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
References
Related Ubuntu Security Notices (USN)
- USN-2956-1
- ubuntu-core-launcher vulnerability
- 29 April 2016