oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: firejail: local root exploit reachable via --join logic (CVE-2022-31214)

From: Alex Murray <alex.murray () canonical com>
Date: Thu, 09 Jun 2022 12:48:48 +0930
On Wed, 2022-06-08 at 14:48:47 +0200, Matthias Gerstner wrote:



Upstream Bugfix
===============

Upstream published a comprehensive bugfix for this issue just today [2].

< ...

[2]: https://github.com/netblue30/firejail/commit/27cde3d7d1e4e16d4190932347c7151dc2a84c50



FYI it looks like upstream made two subsequent fixup commits as well:

https://github.com/netblue30/firejail/commit/dab835e7a0eb287822016f5ae4e87f46e1d363e7
https://github.com/netblue30/firejail/commit/1884ea22a90d225950d81c804f1771b42ae55f54
Previous By Date Next
Previous By Thread Next

Current thread: