firejail

Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an...

A vulnerability has been discovered when providing a custom shell as a parameter to the firejail bandwidth command. By making this custom shell ignore the...

A vulnerability has been discovered when using ptrace with --allow- debuggers, which allows a sandboxed program to escape the seccomp profile by rewriting...

A race condition vulnerability has been discovered in firejail. An attacker that is able to symlink to arbitrary binaries or libraries can trick firejail...

A local privilege escalation bug has been found on firejail. By executing firejail without seccomp support and --chroot, a race condition can be leveraged...

A vulnerability has been found in firejail where the --x11 flag runs an X server as root and the --env flag could be used to set arbitrary environment...

A vulnerability has been found for firejail where /dev/shm/firejail has been mounted with weak permissions (0777).

A vulnerability has been found in firejail where several files and directories where mounted with weak permissions (0777): /dev, /dev/shm, /var/tmp and /var/lock.

A vulnerability has been found in firejail where /tmp has been mounted with weak permissions (0777) and no stickybit.

A vulnerability has been found in firejail where any non-privileged user could truncate /etc/resolv.conf to 0 bytes.

A vulnerability has been found in firejail where any non-privileged user could mount a tmpfs over any location. This could be exploited to, for example,...