| Package | snapd |
|---|---|
| Version | 2.21-2+deb9u3 (stretch) |
| Related CVEs | CVE-2022-3328 |
The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing the private /tmp mount for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code.
For Debian 9 stretch, these problems have been fixed in version 2.21-2+deb9u3.
We recommend that you upgrade your snapd packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.