CVE-2021-26910 log

Source
Severity High
Remote No
Type Privilege escalation
Description 
Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation.
Group Package Affected Fixed Severity Status Ticket
AVG-1545 firejail 0.9.64.2-1 0.9.64.4-1 High Fixed
Date Advisory Group Package Severity Type
12 Feb 2021 ASA-202102-26 AVG-1545 firejail High privilege escalation
References 
https://unparalleled.eu/publications/2021/advisory-unpar-2021-0.txt
https://unparalleled.eu/blog/2021/20210208-rigged-race-against-firejail-for-local-root/
https://github.com/netblue30/firejail/commit/97d8a03cad19501f017587cc4e47d8418273834b
Notes 
Workaround
==========

The issue can be mitigated by setting "overlayfs no" in /etc/firejail/firejail.config.