CVE-2017-5226

Sažetak

When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the sandbox.

Reference

https://github.com/projectatomic/bubblewrap/issues/142
https://github.com/projectatomic/bubblewrap/commit/d7fc532c42f0e9bf427923bab85433282b3e5117
https://bugzilla.redhat.com/show_bug.cgi?id=1411811
http://www.securityfocus.com/bid/97260
http://www.openwall.com/lists/oss-security/2020/07/10/1
https://www.openwall.com/lists/oss-security/2023/03/14/2
http://www.openwall.com/lists/oss-security/2023/03/17/1

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

17-03-2023 - 12:15

Objavljeno

29-03-2017 - 20:59