Neil Mcphail

**Name of the Vulnerable Software and Affected Versions** snapd versions prior to 2.62 **Description** The issue arises when using AppArmor for enforcement of sandbox permissions in snapd. It failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatically added to the users PATH. An attacker could convince a user to install a malicious snap that uses the 'home' plug, allowing them to install arbitrary scripts into the users PATH. These scripts may then be run by the user outside of the expected snap sandbox, enabling them to escape confinement. **Recommendations** To resolve the issue, update to snapd version 2.62 or later. As a temporary workaround, consider restricting access to the 'home' plug for snaps until the update is applied. Additionally, users can manually remove any suspicious scripts from the $HOME/bin path to minimize the risk of exploitation.