1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
Candidate: CVE-2016-10117
PublicDate: 2017-04-13
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10117
http://www.openwall.com/lists/oss-security/2017/01/05/4
https://github.com/netblue30/firejail/commit/678cd1495457318dad39178bb646ba1b96332ddb (0.9.38-rc1)
Description:
Firejail does not restrict access to --tmpfs, which allows local users to
gain privileges, as demonstrated by mounting over /etc.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
Patches_firejail:
upstream_firejail: released (0.9.38-1)
precise_firejail: DNE
trusty_firejail: DNE
vivid/stable-phone-overlay_firejail: DNE
vivid/ubuntu-core_firejail: DNE
xenial_firejail: not-affected (0.9.38-1)
yakkety_firejail: not-affected
devel_firejail: not-affected
|