Deleted PoC etc before marking this public. ** Attachment removed: "snap-escape-POC.tar.gz" https://bugs.launchpad.net/snapcraft/+bug/1901572/+attachment/5427455/+files/snap-escape-POC.tar.gz
** Attachment removed: "make_libc.py" https://bugs.launchpad.net/snapcraft/+bug/1901572/+attachment/5427456/+files/make_libc.py ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1901572 Title: snapd vulnerable to Library Injection from CWD To manage notifications about this bug go to: https://bugs.launchpad.net/snapcraft/+bug/1901572/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs