Launchpad.net

CVE 2016-1580

The setup_snappy_os_mounts function in the ubuntu-core-launcher package before 1.0.27.1 improperly determines the mount point of bind mounts when using snaps, which might allow remote attackers to obtain sensitive information or gain privileges via a snap with a name starting with "ubuntu-core."

Related bugs and status

CVE-2016-1580 (Candidate) is related to these bugs:

Bug #1576699: ubuntu-core-launcher uses incorrect glob, doesn't check for exactly one match

		In	Importance	Status
1576699	ubuntu-core-launcher uses incorrect glob, doesn't check for exactly one match	ubuntu-core-launcher (Ubuntu)	High	Fix Released
1576699	ubuntu-core-launcher uses incorrect glob, doesn't check for exactly one match	ubuntu-core-launcher (Ubuntu Yakkety)	High	Fix Released
1576699	ubuntu-core-launcher uses incorrect glob, doesn't check for exactly one match	ubuntu-core-launcher (Ubuntu Xenial)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugs.launchpad...
UBUNTU: USN-2956-1