oss-sec mailing list archives
Re: firejail: local root exploit reachable via --join logic (CVE-2022-31214)
From: Alex Murray <alex.murray () canonical com>
Date: Thu, 09 Jun 2022 12:48:48 +0930
On Wed, 2022-06-08 at 14:48:47 +0200, Matthias Gerstner wrote:
Upstream Bugfix =============== Upstream published a comprehensive bugfix for this issue just today [2].
< ...
[2]: https://github.com/netblue30/firejail/commit/27cde3d7d1e4e16d4190932347c7151dc2a84c50
FYI it looks like upstream made two subsequent fixup commits as well: https://github.com/netblue30/firejail/commit/dab835e7a0eb287822016f5ae4e87f46e1d363e7 https://github.com/netblue30/firejail/commit/1884ea22a90d225950d81c804f1771b42ae55f54
Current thread:
- firejail: local root exploit reachable via --join logic (CVE-2022-31214) Matthias Gerstner (Jun 08)
- Re: firejail: local root exploit reachable via --join logic (CVE-2022-31214) Alex Murray (Jun 09)