CVE-2022-3328: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
(updated )
Race condition in snap-confine’s must_mkdir_and_open_with_perms()
References
- cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3328
- github.com/advisories/GHSA-cjqf-877p-7m3f
- github.com/snapcore/snapd/commit/21ebc51f00b8a1417888faa2e83a372fd29d0f5e
- github.com/snapcore/snapd/commit/6226cdc57052f4b7057d92f2e549aa169e35cd2d
- github.com/snapcore/snapd/pull/12380
- nvd.nist.gov/vuln/detail/CVE-2022-3328
- ubuntu.com/security/notices/USN-5753-1
Detect and mitigate CVE-2022-3328 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →