~ubuntu-security/ubuntu-cve-tracker/master : contents of retired/CVE-2016-10120 at revision 13266

~ubuntu-security/ubuntu-cve-tracker/master : (revision 13266)

browse files
view with revision information
view revision
view changes to this file
download file

Candidate: CVE-2016-10120
PublicDate: 2017-04-13
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10120
 http://www.openwall.com/lists/oss-security/2017/01/05/4
 https://github.com/netblue30/firejail/commit/cd0ecfc7a7b30abde20db6dea505cd8c58e7c046 (0.9.38-rc1)
Description:
 Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3)
 /var/tmp, or (4) /var/lock, which allows local users to gain privileges.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:

Patches_firejail:
upstream_firejail: released (0.9.38-1)
precise_firejail: DNE
trusty_firejail: DNE
vivid/stable-phone-overlay_firejail: DNE
vivid/ubuntu-core_firejail: DNE
xenial_firejail: not-affected (0.9.38-1)
yakkety_firejail: not-affected
devel_firejail: not-affected