firejail

Description Linux namespaces sandbox program
Version 0.9.72-3 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1545 0.9.64.2-1 0.9.64.4-1 High Fixed
AVG-128 0.9.44.2-1 0.9.44.10-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2021-26910 AVG-1545 High No Privilege escalation
Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an...
CVE-2017-5207 AVG-128 High No Privilege escalation
A vulnerability has been discovered when providing a custom shell as a parameter to the firejail bandwidth command. By making this custom shell ignore the...
CVE-2017-5206 AVG-128 High No Privilege escalation
A vulnerability has been discovered when using ptrace with --allow-debuggers, which allows a sandboxed program to escape the seccomp profile by rewriting...
CVE-2017-5180 AVG-128 High No Privilege escalation
A race condition vulnerability has been discovered in firejail. An attacker that is able to symlink to arbitrary binaries or libraries can trick firejail...
CVE-2016-10123 AVG-128 High No Privilege escalation
A local privilege escalation bug has been found in firejail. By executing firejail without seccomp support and --chroot, a race condition can be leveraged...
CVE-2016-10122 AVG-128 High No Privilege escalation
A vulnerability has been found in firejail where the --x11 flag runs an X server as root and the --env flag could be used to set arbitrary environment...
CVE-2016-10121 AVG-128 High No Privilege escalation
A vulnerability has been found for firejail where /dev/shm/firejail has been mounted with weak permissions (0777).
CVE-2016-10120 AVG-128 High No Privilege escalation
A vulnerability has been found in firejail where several files and directories were mounted with weak permissions (0777): /dev, /dev/shm, /var/tmp and /var/lock.
CVE-2016-10119 AVG-128 High No Privilege escalation
A vulnerability has been found in firejail where /tmp has been mounted with weak permissions (0777) and no sticky bit.
CVE-2016-10118 AVG-128 Low No Arbitrary file overwrite
A vulnerability has been found in firejail where any non-privileged user could truncate /etc/resolv.conf to 0 bytes.
CVE-2016-10117 AVG-128 High No Privilege escalation
A vulnerability has been found in firejail where any non-privileged user could mount a tmpfs over any location. This could be exploited to, for example,...

Advisories

Date Advisory Group Severity Type
12 Feb 2021 ASA-202102-26 AVG-1545 High privilege escalation