{"id":"USN-2956-1","summary":"ubuntu-core-launcher vulnerability","details":"Zygmunt Krynicki discovered that ubuntu-core-launcher did not properly\nsanitize its input and contained a logic error when determining the\nmountpoint of bind mounts when using snaps on Ubuntu classic systems (eg,\ntraditional desktop and server). If a user were tricked into installing a\nmalicious snap with a crafted snap name, an attacker could perform a\ndelayed attack to steal data or execute code within the security context of\nanother snap. This issue did not affect Ubuntu Core systems.\n","modified":"2026-02-10T04:40:58Z","published":"2016-04-29T17:21:35Z","related":["UBUNTU-CVE-2016-1580"],"upstream":["CVE-2016-1580","UBUNTU-CVE-2016-1580"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-2956-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-1580"}],"affected":[{"package":{"name":"ubuntu-core-launcher","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/ubuntu-core-launcher@1.0.27.1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.27.1"}]}],"versions":["1.0.9","1.0.10","1.0.13","1.0.14","1.0.17","1.0.18","1.0.19","1.0.20","1.0.22","1.0.23","1.0.25","1.0.25.1","1.0.27"],"ecosystem_specific":{"binaries":[{"binary_version":"1.0.27.1","binary_name":"ubuntu-core-launcher"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-2956-1.json","cves_map":{"ecosystem":"Ubuntu:16.04:LTS","cves":[{"id":"CVE-2016-1580","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}]}]}}}],"schema_version":"1.7.3"}