oss-sec mailing list archives

Re: Race condition in snap-confine's must_mkdir_and_open_with_perms() (CVE-2022-3328)

From: Qualys Security Advisory <qsa () qualys com>
Date: Thu, 1 Dec 2022 00:01:18 +0000

Hi all,

On Wed, Nov 30, 2022 at 11:28:27PM +0000, Qualys Security Advisory wrote:

We discovered a race condition (CVE-2022-3328) in snap-confine


Patches are available at:

https://github.com/snapcore/snapd/releases/tag/2.57.6
https://github.com/snapcore/snapd/commits/release/2.57

Thank you very much! With best regards,

-- 
the Qualys Security Advisory team

Current thread:

Race condition in snap-confine's must_mkdir_and_open_with_perms() (CVE-2022-3328) Qualys Security Advisory (Nov 30)
- Re: Race condition in snap-confine's must_mkdir_and_open_with_perms() (CVE-2022-3328) Qualys Security Advisory (Nov 30)