CVE-2023-1523

Summary

CVE	CVE-2023-1523
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-09-01 19:15:00 UTC
Updated	2023-09-08 17:17:00 UTC
Description	Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-terminal and others are not affected - this can only be exploited when snaps are run on a virtual console.

Risk And Classification

Problem Types: CWE-74

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Canonical	Snapd	All	All	All	All
Operating System	Canonical	Ubuntu Linux	16.04	All	All	All
Operating System	Canonical	Ubuntu Linux	18.04	All	All	All
Operating System	Canonical	Ubuntu Linux	20.04	All	All	All
Operating System	Canonical	Ubuntu Linux	22.04	All	All	All
Operating System	Canonical	Ubuntu Linux	22.10	All	All	All
Operating System	Canonical	Ubuntu Linux	23.04	All	All	All

References

Reference	Source	Link	Tags
USN-6125-1: snapd vulnerability \| Ubuntu security notices \| Ubuntu	MISC	ubuntu.com
CVE - CVE-2023-1523	MISC	cve.mitre.org
many: introduce seccomp denylist to block ioctl with TIOCLINUX to fix CVE-2023-1523 by alexmurray · Pull Request #12849 · snapcore/snapd · GitHub	MISC	github.com
'Re: [oss-security] TTY pushback vulnerabilities / TIOCSTI' - MARC	MISC	marc.info
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

199381 Ubuntu Security Notification for snapd Vulnerability (USN-6125-1)