Oval Definition:
oval:com.ubuntu.disco:def:2019115030000000
Revision Date
:
2019-04-24
Version
:
1
Title
:
CVE-2019-11503 on Ubuntu 19.04 (disco) - low.
Description
:
snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir() to the current working directory of the calling user, aka a "cwd restore permission bypass."
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2019-11503
Platform(s)
:
Ubuntu 19.04
Product(s)
:
Definition Synopsis
Ubuntu 19.04 (disco) is installed.
AND
snapd package in disco is affected. An update containing the fix has been completed and is pending publication.
BACK