Local root vulnerability in snap-confine
Local root vulnerability in snap-confine
Posted Feb 18, 2022 12:49 UTC (Fri) by epa (subscriber, #39769)In reply to: Local root vulnerability in snap-confine by auerswal
Parent article: Local root vulnerability in snap-confine
One of the vulnerabilities, CVE-2021-44731, is a symlink attack.
Posted Feb 19, 2022 18:02 UTC (Sat)
by spigot (subscriber, #50709)
[Link]
Amusingly, the Acknowledgments section of the write-up has this dedication:
Local root vulnerability in snap-confine
This advisory is dedicated to 8lgm -- followers of symbolic links, overflowers of stack buffers, and dereferencers of NULL pointers: [...]