发布于3月6日3月6日 Members Debian: CVE-2020-27352: snapd -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 06/21/2024 Created 07/31/2024 Added 07/30/2024 Modified 07/30/2024 Description When generating the systemd service units for the docker snap (and other similar snaps), snapd does not specify Delegate=yes - as a result systemd will move processes from the containers created and managed by these snaps into the cgroup of the main daemon within the snap itself when reloading system units. This may grant additional privileges to a container within the snap that were not originally intended. Solution(s) debian-upgrade-snapd References https://attackerkb.com/topics/cve-2020-27352 CVE - 2020-27352
