| Summary: | firejail security vulnerability CVE-2017-5180 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Zombie Ryushu <zombie_ryushu> |
| Component: | New RPM package request | Assignee: | Mageia Bug Squad <bugsquad> |
| Status: | RESOLVED INVALID | QA Contact: | |
| Severity: | normal | ||
| Priority: | Normal | ||
| Version: | Cauldron | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://www.linuxsecurity.com/content/view/170726/170/ | ||
| Whiteboard: | |||
| Source RPM: | CVE: | ||
| Status comment: | |||
|
Zombie Ryushu
2017-02-19 21:57:58 CET
URL:
(none) =>
http://www.linuxsecurity.com/content/view/170726/170/ firejail is not packaged in Mageia. Status:
NEW =>
RESOLVED |
Firejail is vulnerable to the escalation of privileges due to an incomplete fix for CVE-2017-5180. Background ========== A SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 sys-apps/firejail < 0.9.44.8 >= 0.9.44.8 2 sys-apps/firejail-lts < 0.9.38.10 >= 0.9.38.10 ------------------------------------------------------------------- 2 affected packages Description =========== The unaffected packages listed in GLSA 201612-48 had an incomplete fix as reported by Sebastian Krahmer of SuSE. This has been properly patched in the latest releases. Impact ====== An attacker could possibly bypass sandbox protection, cause a Denial of Service condition, or escalate privileges.