PT-2024-6102 · Canonical+4 · Snapd+5

Zeyad Gouda · Published 2024-03-14 · Updated 2025-01-13 · CVE-2024-29068

CVSS v2.0: 6.2 (Medium)
Vector: AV:L/AC:L/Au:S/C:C/I:N/A:C
Name of the Vulnerable Software and Affected Versions: snapd versions prior to 2.62

Description: The issue stems from improper checking of file types when extracting a snap. The snap format, being a squashfs file-system image, can contain non-regular files such as pipes or sockets. When snapd extracts a snap, it directly reads various file entries, including icons, from the snap squashfs image. An attacker could exploit this by convincing a user to install a malicious snap containing non-regular files at specific paths, causing snapd to block indefinitely and resulting in a denial of service.

Recommendations: For snapd versions prior to 2.62, update to version 2.62 or later to resolve the issue. As a temporary workaround, consider restricting the installation of snaps from untrusted sources to minimize the risk of exploitation.
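As an added illustration of the defensive check this class of bug calls for (this is not snapd's own code; the tree root, entry path and size limit are assumptions), a Go read routine that refuses non-regular entries both before and after opening them, so a FIFO placed where an icon is expected cannot make the reader hang:

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"syscall"
)

// ErrNotRegular: the entry is a FIFO, socket, device, directory or symlink.
var ErrNotRegular = errors.New("snap entry is not a regular file")

// ReadRegularFile reads rel (for example "meta/gui/icon.png") from the
// unpacked snap tree at root. os.ReadFile on a FIFO would block until a
// writer appears (the hang described for CVE-2024-29068), so the type is
// checked both before and after the entry is opened.
func ReadRegularFile(root, rel string, maxSize int64) ([]byte, error) {
	path := filepath.Join(root, rel)
	// Gate 1: Lstat never opens the entry (cannot block) and does not follow symlinks.
	fi, err := os.Lstat(path)
	if err != nil {
		return nil, err
	}
	if !fi.Mode().IsRegular() {
		return nil, fmt.Errorf("%s (%v): %w", rel, fi.Mode().Type(), ErrNotRegular)
	}
	// O_NONBLOCK|O_NOFOLLOW: even if the entry is swapped between Lstat and open, open cannot hang.
	f, err := os.OpenFile(path, os.O_RDONLY|syscall.O_NONBLOCK|syscall.O_NOFOLLOW, 0)
	if err != nil {
		return nil, err
	}
	defer f.Close()
	// Gate 2: fstat the descriptor actually held, closing the TOCTOU window.
	if fi, err = f.Stat(); err != nil {
		return nil, err
	}
	if !fi.Mode().IsRegular() {
		return nil, fmt.Errorf("%s (after open): %w", rel, ErrNotRegular)
	}
	// Cap the read so an oversized entry cannot exhaust memory either.
	return io.ReadAll(io.LimitReader(f, maxSize))
}

func main() {
	// Assumed layout: an unpacked snap under ./snap-root (constructed, not a real path).
	data, err := ReadRegularFile("snap-root", "meta/gui/icon.png", 1<<20)
	fmt.Println(len(data), err)
}
```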

Fix

DoS

RCE

Weakness Enumeration

Related Identifiers

ALT-PU-2024-13230
BDU:2024-07012
CVE-2024-29068
GHSA-64JH-CJWC-W8Q6
GO-2024-3008
USN-6940-1
USN-6940-2

Affected Products

Alt Linux
Debian
Linuxmint
Red Os
Ubuntu
Snapd