CVE-2017-5206

 

Published at: - 23-03-2017 05:59

Last modified: - 26-10-2022 01:44

Total changes: - 3

Description

Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument.

Common Vulnerability Scoring System (CVSS)

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

 

Verification logic

 

Reference

• GLSA-201701-62-Patch, Third Party Advisory, VDB Entry
• https://github.com/netblue30/firejail/commit/6b8dba29d73257311564ee7f27b9b14758cc693e
• https://firejail.wordpress.com/download-2/release-notes/
• https://blog.lizzie.io/linux-containers-in-500-loc.html#fn.51
• [oss-security] 20170107 Re: Firejail local root exploit-Mailing List, Patch, Third Party Advisory
• 97120-Third Party Advisory, VDB Entry

 

Keywords

NVD

 

CVE-2017-5206

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures