CVE-2021-44731

Description from NVD

A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitrary code and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1

Information Acquisition Date:2022-02-28T16:40Z
CVSS 2.0: 0.0 None CVSS 3.x: 7.8 HIGH

NVD References

 https://ubuntu.com/security/notices/USN-5292-1
     source:MISC
     tags:
 [oss-security] 20220218 CVE-2021-4120: Insufficient validation of snap content interface and layout paths
     source:MLIST
     tags:
 FEDORA-2022-5df8b52ba4
     source:FEDORA
     tags:
 FEDORA-2022-82bea71e5a
     source:FEDORA
     tags:
 DSA-5080
     source:DEBIAN
     tags:
 [oss-security] 20220223 Re: CVE-2021-44731: Race condition in snap-confine's setup_private_mount()
     source:MLIST
     tags:
 [oss-security] 20220223 Re: CVE-2021-44731: Race condition in snap-confine's setup_private_mount()
     source:MLIST
     tags:

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: BIND(1 tweets)

List of frequently cited URLs

URLNum of Times Referred to
http://cyberiqs.com/latestnews52
https://cvetrends.com49
http://twinybots.ch33
https://www.redpacketsecurity.com/cve-2021-44731-linux-priv...5
https://blog.qualys.com/vulnerabilities-threat-research/202...4
https://ubuntu.com/security/CVE-2021-447313
https://twitter.com/elhackernet/status/14950297689699860493
https://www.qualys.com/2022/02/17/cve-2021-44731/oh-snap-mo...3
https://securityaffairs.co/wordpress/128150/hacking/cve-202...3

Information from Twitter

User URL Info Source Date
threatintelctr https://nvd.nist.gov/vuln/detail/CVE-2021-44731 Source threatintelctr   1621621267395657728 2023/02/04

List of frequently cited URLs

URLNum of Times Referred to
cyberiqs.com52
cvetrends.com49
twinybots.ch33
www.redpacketsecurity.com5
blog.qualys.com4
ubuntu.com3
twitter.com3
www.qualys.com3
securityaffairs.co3

Information from Twitter

User URL Info Source
threatintelctr nvd.nist.gov Show Tweet
GitHub Search Results: Up to 10
NameURL
No Data
GitHub Search Results: Up to 10
NameURL
No Data
2023/02/04 Score : 1
Added Har-sia Database : 2022/02/18
Last Modified : 2023/02/04
Highest Scored Date : 2022/02/18
Highest Score : 76