216.73.217.64

CVE-2024-5138

· Published 31/05/2024 21:15 · Modified 31/05/2024 21:15

Labels: CVE-2024-5138 2024-05-31CVE-2024-5138[email protected]

Essential information

Published
31/05/2024 21:15
Modified
31/05/2024 21:15
Author
Creator
CISA KEV
No
CWE

Description

The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privileged actions on behalf of the snap. It was found that snapctl did not properly parse command-line arguments, allowing an unprivileged user to trigger an authorised action on behalf of the snap that would normally require administrator privileges to perform. This could possibly allow an unprivileged user to perform a denial of service or similar.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References