QID 377800

A race condition existed in snap-confine, a SUID-root program installed by default on Ubuntu.

A local attacker could race against snap-confine, retain control over /tmp/snap.$SNAP_NAME, and eventually obtain full root privileges.
A combination of two vulnerabilities (CVE-2022-41973 and CVE-2022-41974) in multipathd package, with the third vulnerability in snap-confine package, could allow an attacker to obtain full root privileges on Ubuntu Server 22.04

QID Detection Logic (authenticated):
This QID looks for the vulnerable instance of snap-confine using the pattern used in snap-confine package. If it finds the vulnerable instance, it will report the path to those instances.

Successful exploitation of the security flaw in CVE-2022-41973 and CVE-2022-41974, bound by this vulnerability (CVE-2022-3328), lets any unprivileged user gain root privileges on the vulnerable device.

A local attacker could race against snap-confine, retain control over /tmp/snap.$SNAP_NAME, and eventually obtain full root privileges.