CVE-2020-27352

NameCVE-2020-27352
DescriptionWhen generating the systemd service units for the docker snap (and other similar snaps), snapd does not specify Delegate=yes - as a result systemd will move processes from the containers created and managed by these snaps into the cgroup of the main daemon within the snap itself when reloading system units. This may grant additional privileges to a container within the snap that were not originally intended.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
snapd (PTS)stretch (security)2.21-2+deb9u1vulnerable
stretch (lts), stretch2.21-2+deb9u3vulnerable
buster (security), buster, buster (lts)2.37.4-1+deb10u3vulnerable
bullseye (security), bullseye2.49-1+deb11u2fixed
bookworm2.57.6-1fixed
trixie2.65.3-1fixed
sid2.66.1-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
snapdsource(unstable)2.49-1

Notes

[buster] - snapd <no-dsa> (Minor issue)
[stretch] - snapd <no-dsa> (Minor issue)
https://ubuntu.com/security/notices/USN-4728-1
https://github.com/docker-snap/docker-snap/security/advisories/GHSA-798c-v3jq-h646
https://bugs.launchpad.net/snapd/+bug/1910456

Search for package or bug name: Reporting problems