Snap TIOCLINUX Inject to Execute Commands Beyond Sandbox
CVE-2023-1523 Published on September 1, 2023
Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-terminal and others are not affected - this can only be exploited when snaps are run on a virtual console.
Vulnerability Analysis
CVE-2023-1523 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. An automatable proof of concept (POC) exploit exists. The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact to the confidentiality, integrity and availability of this component.
Products Associated with CVE-2023-1523
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-1523 are published in these products:
Affected Versions
Canonical Ltd. snapd Version 2.59.5 is unaffected by CVE-2023-1523Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.