CVE-2024-29069
Linux Debian vulnerability analysis and mitigation

Overview

In snapd versions prior to 2.62, a vulnerability was discovered where snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format, being a squashfs file-system image, can contain symbolic links and other file types. Various file entries within the snap squashfs image (such as icons and desktop files) are directly read by snapd during extraction (NVD).

Technical details

The vulnerability stems from missing validation of symbolic-link targets during snap extraction. A snap is a squashfs image, so entries such as icons and desktop files can be symbolic links, and snapd reads some of these entries directly from the image rather than through the confined application. Because snapd did not verify where such a link resolved, a crafted snap could contain a link whose target lies outside the image, on the host file system; snapd, which runs as root, would follow the link, read the host file, and write a copy into a world-readable directory. Canonical assigned the issue a CVSS v3.1 base score of 4.8 MEDIUM (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L), while NVD rates it 7.3 HIGH (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H); the two vectors agree on local access, low privileges and required user interaction, and differ only in the impact metrics, where NVD treats exposure of root-readable files as high impact (NVD).
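As an added illustration of the bug class (this is not snapd's own Go code, and no snap tooling is used), the Python below builds a constructed fixture: a stand-in for a root-only host file, a fake snap tree whose meta/gui directory holds a legitimate desktop file, an in-snap relative symlink, and a malicious symlink pointing at the host file. It then shows an extractor that follows links blindly and publishes the result into a world-readable directory with mode 0644, beside a hardened resolver that canonicalises the path and rejects any target outside the snap root. The names resolve_unchecked, resolve_checked, publish_entry and SymlinkEscapeError are illustrative, not snapd identifiers.

```python
import os
import stat
import tempfile
from pathlib import Path


class SymlinkEscapeError(Exception):
    """Raised when a snap entry resolves to a path outside the snap root."""


def resolve_unchecked(snap_root: str, relpath: str) -> str:
    # Vulnerable pattern: trust the entry path as-is, so a symlink whose
    # target lies outside the image is followed silently when it is read.
    return os.path.join(snap_root, relpath)


def resolve_checked(snap_root: str, relpath: str) -> str:
    # Hardened pattern: canonicalise both the root and the entry, then require
    # that the entry stays inside the root. commonpath (rather than a raw
    # string-prefix compare) avoids accepting /x/snap-evil when the root is /x/snap.
    root = os.path.realpath(snap_root)
    target = os.path.realpath(os.path.join(root, relpath))
    if os.path.commonpath([root, target]) != root:
        raise SymlinkEscapeError(f"{relpath} resolves to {target}, outside {root}")
    return target


def publish_entry(snap_root: str, relpath: str, out_dir: str, resolver) -> str:
    # Models the extractor copying an icon or desktop file out of the image
    # into a world-readable location: the copy is created with mode 0644.
    src = resolver(snap_root, relpath)
    data = Path(src).read_bytes()
    dst = os.path.join(out_dir, os.path.basename(relpath))
    with open(dst, "wb") as f:
        f.write(data)
    os.chmod(dst, stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP | stat.S_IROTH)
    return dst


def build_fixture() -> tuple[str, str, str]:
    # Constructed fixture (not a real snap or real host file).
    base = tempfile.mkdtemp(prefix="cve-2024-29069-demo-")
    host_secret = os.path.join(base, "host-secret")
    Path(host_secret).write_text("root-only data\n")
    snap_root = os.path.join(base, "snap")
    gui = os.path.join(snap_root, "meta", "gui")
    os.makedirs(gui)
    Path(gui, "legit.desktop").write_text("[Desktop Entry]\nName=Legit\n")
    os.symlink("legit.desktop", os.path.join(gui, "alias.desktop"))  # stays inside
    os.symlink(host_secret, os.path.join(gui, "icon.png"))            # escapes the snap
    out_dir = os.path.join(base, "world-readable")
    os.makedirs(out_dir)
    return snap_root, host_secret, out_dir


def demo() -> dict:
    snap_root, _host_secret, out_dir = build_fixture()
    results = {}
    # Vulnerable: the host file's contents land in the world-readable directory.
    leaked = publish_entry(snap_root, "meta/gui/icon.png", out_dir, resolve_unchecked)
    results["unsafe_leaked"] = Path(leaked).read_bytes()
    results["unsafe_mode"] = stat.S_IMODE(os.stat(leaked).st_mode)
    os.unlink(leaked)
    # Hardened: the escaping link is rejected before anything is read or written.
    try:
        publish_entry(snap_root, "meta/gui/icon.png", out_dir, resolve_checked)
        results["safe_blocked"] = False
    except SymlinkEscapeError:
        results["safe_blocked"] = True
    results["icon_published"] = os.path.exists(os.path.join(out_dir, "icon.png"))
    # Hardened: a relative link that stays inside the snap is still allowed.
    ok = publish_entry(snap_root, "meta/gui/alias.desktop", out_dir, resolve_checked)
    results["internal_ok"] = Path(ok).read_bytes()
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The resolve-then-open sequence in resolve_checked is only race-free because a mounted snap is a read-only squashfs image that cannot change between the realpath call and the read. On a writable tree the same check is a TOCTOU window, and the robust form is to open the entry relative to a directory file descriptor of the root with O_NOFOLLOW, or with openat2 and RESOLVE_BENEATH on Linux, so the kernel enforces containment at open time.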

Impact

An attacker who convinces a user to install a malicious snap containing crafted symbolic links could cause snapd to write the contents of each link's target into a world-readable directory. An unprivileged local user could then read information that is normally restricted to root. Both CVSS vectors reflect this shape of attack: local access, low privileges, and the user interaction needed to install the snap (Ubuntu Security).

Mitigation and workarounds

The vulnerability is fixed in snapd 2.62 and later, and users are advised to update. Ubuntu shipped the fix in its snapd 2.63 packages: 2.63+24.04ubuntu0.1 for Ubuntu 24.04, 2.63+22.04ubuntu0.1 for Ubuntu 22.04, and 2.63+20.04ubuntu0.1 for Ubuntu 20.04. A standard system update will make all the necessary changes (Ubuntu Security). The installed snapd version can be confirmed with the snap version command, which prints the snapd version alongside the snap client version; on systems where snapd is delivered as the snapd snap, it is refreshed automatically.

Source: This report was generated using AI

Related Linux Debian vulnerabilities:

CVE ID         | Severity | Score | Technologies | Component name  | CISA KEV exploit | Has fix | Published date
CVE-2025-59030 | HIGH     | 7.5   | Linux Debian | pdns-recursor   | No               | Yes     | Dec 09, 2025
CVE-2025-59029 | MEDIUM   | 5.3   | Linux Debian | pdns-recursor   | No               | Yes     | Dec 09, 2025
CVE-2025-40344 | N/A      | N/A   | Linux Kernel | kernel-rt-devel | No               | Yes     | Dec 09, 2025
CVE-2025-40343 | N/A      | N/A   | Linux Kernel | bpftool         | No               | Yes     | Dec 09, 2025
CVE-2025-40342 | N/A      | N/A   | Linux Kernel | kernel-rt-trace | No               | Yes     | Dec 09, 2025
