oss-sec mailing list archives
Re: Firejail local root exploit
From: <cve-assign () mitre org>
Date: Sat, 7 Jan 2017 12:53:23 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
allows ptrace with --allow-debuggers, which allows a sandboxed program to escape the seccomp profile by rewriting permitted system calls into unpermitted ones pre-Linux-4.8. https://github.com/netblue30/firejail/commit/6b8dba29d73257311564ee7f27b9b14758cc693e
Use CVE-2017-5206. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYcSqVAAoJEHb/MwWLVhi2NzwP/0z1VLyt3ZjtWZJ/LO4/9eFK Y3r7DhndVjzW0ly7NN3IJSYdtLplmxl8j5oJsOhviUClRrbAos2LBHmOTUM/vfFj nyun6Lil9yuoktXnqTTRDGV+bhqABxi8HJ0I8iC6XMFOS+HrHNMZxcPUbNROFKxM CcmFClQ8/EY4ZqJKdglwdEDFzKO9xUzoFdSVMfVRGjCQz6WSnEtG/Ab/6v+e3VLZ ZSKJarpbnQ0M3IXALpu+jQ5/pfg9bZu4GyL6rTK46GCHnC//Rjw0E1yF7ryebVBC TSrp9j8AggY+ZH90AYDFS5Z9ya58QRUeTm0zuLTPiqFhZakFp0ZhHmFB6wW+/VDY yEJM0akAzMTiljFhePJRNrA0BuCYAJSDD15vV52IrYNBO9U+bCugLDTC3Nmt5OrJ V8lUM2uYlTg3q/8y3sWeVW+7O2khsDdt4Pan6c0QXs9Nstr70iGsRKzg/q9rE45s 2IaE54OkYN8znmLpSVmPUSc5uHOIkyLky/7EKN5jgoIdbmAVwKgCOIQwBkCP25if OZesiYfVCnca+rArzCR3GbPZhqDPYQcyj6iRt1Z7lUEvrRPKPwdyHCZZpQUklBYc jUlabDWSPYZNEpmefnuKRK91m3CRDmgWGXdSaHOxeaq0Ip+H6DR36tIT8lQnGZHv ZkitBU93h9QWYAMHXjmd =SPiX -----END PGP SIGNATURE-----
Current thread:
- Re: Firejail local root exploit, (continued)
- Re: Firejail local root exploit cve-assign (Jan 04)
- Re: Re: Firejail local root exploit Martin Carpenter (Jan 05)
- Re: Firejail local root exploit cve-assign (Jan 06)
- Re: Re: Firejail local root exploit sivmu (Jan 06)
- Re: Re: Firejail local root exploit Martin Carpenter (Jan 07)
- Re: Re: Firejail local root exploit Martin Carpenter (Jan 08)
- Re: Re: Firejail local root exploit Simon McVittie (Jan 08)
- Re: Re: Firejail local root exploit Brad Spengler (Jan 08)
- Re: Re: Firejail local root exploit Martin Carpenter (Jan 08)
- Re: Re: Firejail local root exploit Martin Carpenter (Jan 05)
- Re: Firejail local root exploit cve-assign (Jan 04)
- Re: Re: Firejail local root exploit Lizzie Dixon (Jan 06)
- Re: Firejail local root exploit cve-assign (Jan 07)
- Re: Re: Firejail local root exploit Martin Carpenter (Jan 07)
- Re: Firejail local root exploit cve-assign (Jan 07)
- Re: Firejail local root exploit cve-assign (Jan 06)
- Re: Re: Firejail local root exploit Thomas Deutschmann (Jan 31)