### [CVE-2019-7304](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7304)
![](https://img.shields.io/static/v1?label=Product&message=snapd&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%202.37.1%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Type%20confusion%20when%20performing%20access%20control%20check&color=brighgreen)

### Description

Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.

### POC

#### Reference
- https://www.exploit-db.com/exploits/46361
- https://www.exploit-db.com/exploits/46362

#### Github
- https://github.com/0xStrygwyr/OSCP-Guide
- https://github.com/0xT11/CVE-POC
- https://github.com/0xZipp0/OSCP
- https://github.com/0xsyr0/OSCP
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Al1ex/LinuxEelvation
- https://github.com/BGrewell/SockPuppet
- https://github.com/Dhayalanb/Snapd-V2
- https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits
- https://github.com/Ly0nt4r/OSCP
- https://github.com/SecuritySi/CVE-2019-7304_DirtySock
- https://github.com/SirElmard/ethical_hacking
- https://github.com/Snoopy-Sec/Localroot-ALL-CVE
- https://github.com/VieVaWaldi/DirtySock
- https://github.com/WalterEhren/DirtySock
- https://github.com/WalterEren/DirtySock
- https://github.com/anoaghost/Localroot_Compile
- https://github.com/bgrewell/SockPuppet
- https://github.com/blkdevcon/awesome-starz
- https://github.com/chorankates/OpenAdmin
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/elvi7major/snap_priv_esc
- https://github.com/f4T1H21/HackTheBox-Writeups
- https://github.com/f4T1H21/dirty_sock
- https://github.com/fei9747/LinuxEelvation
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/initstring/dirty_sock
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/lacework/up-and-running-packer
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/rakjong/LinuxElevation
- https://github.com/revanmalang/OSCP
- https://github.com/scottford-lw/up-and-running-packer
- https://github.com/siddicky/yotjf
- https://github.com/txuswashere/OSCP
- https://github.com/xhref/OSCP