{"api_version":"1","generated_at":"2026-04-23T07:56:09+00:00","cve":"CVE-2021-4120","urls":{"html":"https://cve.report/CVE-2021-4120","api":"https://cve.report/api/cve/CVE-2021-4120.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-4120","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-4120"},"summary":{"title":"CVE-2021-4120","description":"snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1","state":"PUBLIC","assigner":"security@ubuntu.com","published_at":"2022-02-17 23:15:00","updated_at":"2023-11-07 03:40:00"},"problem_types":["CWE-20"],"metrics":[],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCGHG6LJAVJJ72TMART6A7N4Z6MSTGI7/","name":"FEDORA-2022-5df8b52ba4","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: snapd-2.54.3-1.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugs.launchpad.net/snapd/+bug/1949368","name":"https://bugs.launchpad.net/snapd/+bug/1949368","refsource":"MISC","tags":[],"title":"Bug #1949368 “snapd fails to validate content interface settings...” : Bugs : snapd","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QTBN7LLZISXIA4KU4UKDR27Q5PXDS2U/","name":"FEDORA-2022-82bea71e5a","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 34 Update: snapd-2.54.3-1.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://ubuntu.com/security/notices/USN-5292-1","name":"https://ubuntu.com/security/notices/USN-5292-1","refsource":"MISC","tags":[],"title":"USN-5292-1: snapd vulnerabilities | Ubuntu security notices | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QTBN7LLZISXIA4KU4UKDR27Q5PXDS2U/","name":"FEDORA-2022-82bea71e5a","refsource":"","tags":[],"title":"[SECURITY] Fedora 34 Update: snapd-2.54.3-1.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2022/02/18/2","name":"[oss-security] 20220218 CVE-2021-4120: Insufficient validation of snap content interface and layout paths","refsource":"MLIST","tags":[],"title":"oss-security - CVE-2021-4120: Insufficient validation of snap content interface\n and layout paths","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCGHG6LJAVJJ72TMART6A7N4Z6MSTGI7/","name":"FEDORA-2022-5df8b52ba4","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: snapd-2.54.3-1.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-4120","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-4120","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"LEGACY","value":"Ian Johnson","lang":""}],"nvd_cpes":[{"cve_year":"2021","cve_id":"4120","vulnerable":"1","versionEndIncluding":"2.54.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"canonical","cpe5":"snapd","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4120","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"18.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4120","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"20.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4120","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"21.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4120","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"34","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4120","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"35","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-4120","qid":"180453","title":"Debian Security Update for snapd (CVE-2021-4120)"},{"cve":"CVE-2021-4120","qid":"198668","title":"Ubuntu Security Notification for snapd Vulnerabilities (USN-5292-1)"},{"cve":"CVE-2021-4120","qid":"198670","title":"Ubuntu Security Notification for snapd Vulnerabilities (USN-5292-2)"},{"cve":"CVE-2021-4120","qid":"282412","title":"Fedora Security Update for snapd (FEDORA-2022-5df8b52ba4)"},{"cve":"CVE-2021-4120","qid":"282413","title":"Fedora Security Update for snapd (FEDORA-2022-82bea71e5a)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security@ubuntu.com","ID":"CVE-2021-4120","STATE":"PUBLIC","TITLE":"snapd could be made to bypass intended access restrictions through snap content interfaces and layout paths"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"snapd","version":{"version_data":[{"version_affected":"<=","version_value":"2.54.2"}]}}]},"vendor_name":"Canonical Ltd."}]}},"credit":[{"lang":"eng","value":"Ian Johnson"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1"}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":8.2,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-20 Improper Input Validation"}]}]},"references":{"reference_data":[{"refsource":"MISC","url":"https://ubuntu.com/security/notices/USN-5292-1","name":"https://ubuntu.com/security/notices/USN-5292-1"},{"refsource":"MISC","url":"https://bugs.launchpad.net/snapd/+bug/1949368","name":"https://bugs.launchpad.net/snapd/+bug/1949368"},{"refsource":"MLIST","name":"[oss-security] 20220218 CVE-2021-4120: Insufficient validation of snap content interface and layout paths","url":"http://www.openwall.com/lists/oss-security/2022/02/18/2"},{"refsource":"FEDORA","name":"FEDORA-2022-82bea71e5a","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QTBN7LLZISXIA4KU4UKDR27Q5PXDS2U/"},{"refsource":"FEDORA","name":"FEDORA-2022-5df8b52ba4","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCGHG6LJAVJJ72TMART6A7N4Z6MSTGI7/"}]},"source":{"defect":["https://launchpad.net/bugs/1949368"],"discovery":"INTERNAL"}},"nvd":{"publishedDate":"2022-02-17 23:15:00","lastModifiedDate":"2023-11-07 03:40:00","problem_types":["CWE-20"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":4.6},"severity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:canonical:snapd:*:*:*:*:*:*:*:*","versionEndIncluding":"2.54.2","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"4120","Ordinal":"223041","Title":"CVE-2021-4120","CVE":"CVE-2021-4120","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"4120","Ordinal":"1","NoteData":"** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.","Type":"Description","Title":null}]}}}