| Severity |
|
| Remote |
|
| Type |
| - |
Unknown |
| + |
Privilege escalation |
|
| Description |
| + |
Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation. |
|
| References |
| + |
https://unparalleled.eu/publications/2021/advisory-unpar-2021-0.txt |
| + |
https://unparalleled.eu/blog/2021/20210208-rigged-race-against-firejail-for-local-root/ |
| + |
https://github.com/netblue30/firejail/commit/97d8a03cad19501f017587cc4e47d8418273834b |
|
| Notes |
| + |
Workaround |
| + |
========== |
| + |
|
| + |
The issue can be mitigated by setting "overlayfs no" in /etc/firejail/firejail.config. |
|