CVE-2019-7304

Local privilege escalation in Ubuntu Linux and derivatives | The Missing Link

Discovered by Chris Moberly on behalf of The Missing Link Security

Vulnerability Details

The Snap daemon (snapd) incorrectly validated and parsed the remote socket address when performing access controls on its UNIX socket. A local attacker could use this to access privileged socket APIs and obtain administrator privileges.

Affected Versions

snapd versions 2.28 through 2.37

Latest News

5 Microsoft Power Platform Benefits That Will Transform Your Business

5 Key Takeaways from Early Adopters of Microsoft 365 Copilot

The Missing Link is recognised as Premier Service Delivery Partner by Netskope

See All News