In snapd 2.27 through 2.29.2 the snap logs command could be made to call journalctl without match arguments and therefore allow unprivileged, unauthenticated users to bypass systemd-journalds access restrictions.
The product does not handle or incorrectly handles an exceptional condition.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Snapd | Snapcraft | 2.27 (including) | 2.29.2 (including) |
Snapd | Ubuntu | artful | * |
Snapd | Ubuntu | devel | * |
Snapd | Ubuntu | trusty | * |
Snapd | Ubuntu | upstream | * |
Snapd | Ubuntu | xenial | * |
Snapd | Ubuntu | zesty | * |