cve/2021/CVE-2021-44730.md

### [CVE-2021-44730](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44730)
![](https://img.shields.io/static/v1?label=Product&message=snapd&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%202.54.2%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen)

### Description

snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1

### POC

#### Reference
- http://www.openwall.com/lists/oss-security/2022/02/23/1

#### Github
- https://github.com/ARPSyndicate/cvemon
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2021-44730](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44730)`
			`![](https://img.shields.io/static/v1?label=Product&message=snapd&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3C%3D%202.54.2%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brighgreen)`

			`### Description`

			`snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1`

			`### POC`

			`#### Reference`
			`- http://www.openwall.com/lists/oss-security/2022/02/23/1`

			`#### Github`
			`- https://github.com/ARPSyndicate/cvemon`