Firejail is vulnerable to the escalation of privileges due to an incomplete fix for CVE-2017-5180.

Background
==========

A SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf.

Affected packages
=================

    -------------------------------------------------------------------
     Package                 /   Vulnerable   /            Unaffected
    -------------------------------------------------------------------
  1  sys-apps/firejail           < 0.9.44.8               >= 0.9.44.8
  2  sys-apps/firejail-lts       < 0.9.38.10             >= 0.9.38.10
    -------------------------------------------------------------------
     2 affected packages

Description
===========

The unaffected packages listed in GLSA 201612-48 had an incomplete fix as reported by Sebastian Krahmer of SuSE. This has been properly patched in the latest releases.

Impact
======

An attacker could possibly bypass sandbox protection, cause a Denial of Service condition, or escalate privileges.
URL: (none) => http://www.linuxsecurity.com/content/view/170726/170/
firejail is not packaged in Mageia.
Status: NEW => RESOLVED
Resolution: (none) => INVALID