Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2020-13753 - log back

CVE-2020-13753 edited at 14 Jul 2020 15:34:03

Severity

-	Unknown
+	High

Remote

-	Unknown
+	Local

Type

-	Unknown
+	Sandbox escape

Description

+

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg- desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal’s input buffer, similar to CVE-2017-5226.

References

+	https://webkitgtk.org/security/WSA-2020-0006.html#CVE-2020-13753

Notes

CVE-2020-13753 created at 10 Jul 2020 12:31:24