Martin Carpenter

**Name of the Vulnerable Software and Affected Versions** Firejail (affected versions not specified) **Description** The issue allows local users to potentially gain privileges when Firejail uses the --chroot option on systems where seccomp is not supported. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firejail (affected versions not specified) **Description** The issue allows local users to gain privileges by exploiting the lack of restriction on access to --tmpfs, demonstrated by mounting over /etc. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firejail (affected versions not specified) **Description** The issue allows local users to modify the /etc/resolv.conf file by utilizing a chroot command to /. This can potentially lead to DNS resolution issues or other security problems. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firejail (affected versions not specified) **Description** The issue allows local users to gain privileges due to Firejail using 0777 permissions when mounting /tmp. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firejail (affected versions not specified) **Description** The issue allows local users to gain privileges due to Firejail using 0777 permissions when mounting certain directories, including /dev, /dev/shm, /var/tmp, and /var/lock. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firejail (affected versions not specified) **Description** The issue concerns weak permissions set by Firejail for certain files, such as /dev/shm/firejail, which could allow local users to escalate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firejail (affected versions not specified) **Description** The issue allows local users to gain privileges due to Firejail not properly cleaning environment variables. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM Reliable Scalable Cluster Technology (affected versions not specified) **Description** A local user could potentially escalate their privileges to gain root access. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Info-ZIP Unzip version 6.0 **Description** The issue is caused by a buffer overflow in the `list files` function, located in `list.c`, which can be exploited by a remote attacker to cause a denial of service through vectors related to the compression method. **Recommendations** For Info-ZIP Unzip version 6.0, consider disabling the `list files` function as a temporary workaround until a patch is available. Restrict access to the compression method to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** glibc versions prior to 2.19-18+deb8u4 on Debian jessie glibc versions prior to 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS glibc versions prior to 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS glibc versions prior to 2.21-0ubuntu4.2 on Ubuntu 15.10 glibc versions prior to 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10 **Description** The issue is related to the `pt chown` function in the glibc package, which lacks a namespace check associated with file-descriptor passing. This allows local users to capture keystrokes and spoof data, and possibly gain privileges, via pts read and write operations. The problem is related to debian/sysdeps/linux.mk. **Recommendations** For glibc versions prior to 2.19-18+deb8u4 on Debian jessie, update to version 2.19-18+deb8u4 or later. For glibc versions prior to 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS, update to version 2.15-0ubuntu10.14 or later. For glibc versions prior to 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS, update to version 2.19-0ubuntu6.8 or later. For glibc versions prior to 2.21-0ubuntu4.2 on Ubuntu 15.10, update to version 2.21-0ubuntu4.2 or later. For glibc versions prior to 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10, update to version 2.23-0ubuntu1 or later.

**Name of the Vulnerable Software and Affected Versions** Apport versions 2.12.5 and earlier **Description** The issue allows local users to obtain sensitive information by reading core dump files created by setuid binaries due to weak permissions. **Recommendations** For Apport versions 2.12.5 and earlier, update to a version later than 2.12.5 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** glibc versions prior to 2.18 **Description** The issue concerns a problem with `pt chown` in the GNU C Library, where it does not properly check permissions for tty files. This allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system. **Recommendations** For versions prior to 2.18, update to version 2.18 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** abrt versions 2.0.8 and earlier abrt-addon-ccpp versions 2.0.8 and earlier abrt-addon-kerneloops versions 2.0.8 and earlier abrt-addon-python versions 2.0.8 and earlier abrt-addon-vmcore versions 2.0.8 and earlier abrt-cli versions 2.0.8 and earlier abrt-debuginfo versions 2.0.8 and earlier abrt-devel versions 2.0.8 and earlier abrt-desktop versions 2.0.8 and earlier abrt-gui versions 2.0.8 and earlier abrt-libs versions 2.0.8 and earlier abrt-tui versions 2.0.8 and earlier libreport versions 2.0.9 and earlier libreport-cli versions 2.0.9 and earlier libreport-debuginfo versions 2.0.9 and earlier libreport-devel versions 2.0.9 and earlier libreport-gtk versions 2.0.9 and earlier libreport-gtk-devel versions 2.0.9 and earlier libreport-newt versions 2.0.9 and earlier libreport-plugin-bugzilla versions 2.0.9 and earlier libreport-plugin-kerneloops versions 2.0.9 and earlier libreport-plugin-logger versions 2.0.9 and earlier libreport-plugin-mailx versions 2.0.9 and earlier libreport-plugin-reportuploader versions 2.0.9 and earlier libreport-plugin-rhtsupport versions 2.0.9 and earlier libreport-python versions 2.0.9 and earlier **Description** The issue concerns multiple vulnerabilities in various packages of the Automatic Bug Reporting Tool (ABRT) and libreport, which can lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited locally. The exploitation may allow attackers to set world-writable permissions for arbitrary files and possibly gain privileges via a symlink attack on the directories used to store information about crashes. **Recommendations** For abrt versions 2.0.8 and earlier, update to a version later than 2.0.8. For abrt-addon-ccpp versions 2.0.8 and earlier, update to a version later than 2.0.8. For abrt-addon-kerneloops versions 2.0.8 and earlier, update to a version later than 2.0.8. For abrt-addon-python versions 2.0.8 and earlier, update to a version later than 2.0.8. For abrt-addon-vmcore versions 2.0.8 and earlier, update to a version later than 2.0.8. For abrt-cli versions 2.0.8 and earlier, update to a version later than 2.0.8. For abrt-debuginfo versions 2.0.8 and earlier, update to a version later than 2.0.8. For abrt-devel versions 2.0.8 and earlier, update to a version later than 2.0.8. For abrt-desktop versions 2.0.8 and earlier, update to a version later than 2.0.8. For abrt-gui versions 2.0.8 and earlier, update to a version later than 2.0.8. For abrt-libs versions 2.0.8 and earlier, update to a version later than 2.0.8. For abrt-tui versions 2.0.8 and earlier, update to a version later than 2.0.8. For libreport versions 2.0.9 and earlier, update to a version later than 2.0.9. For libreport-cli versions 2.0.9 and earlier, update to a version later than 2.0.9. For libreport-debuginfo versions 2.0.9 and earlier, update to a version later than 2.0.9. For libreport-devel versions 2.0.9 and earlier, update to a version later than 2.0.9. For libreport-gtk versions 2.0.9 and earlier, update to a version later than 2.0.9. For libreport-gtk-devel versions 2.0.9 and earlier, update to a version later than 2.0.9. For libreport-newt versions 2.0.9 and earlier, update to a version later than 2.0.9. For libreport-plugin-bugzilla versions 2.0.9 and earlier, update to a version later than 2.0.9. For libreport-plugin-kerneloops versions 2.0.9 and earlier, update to a version later than 2.0.9. For libreport-plugin-logger versions 2.0.9 and earlier, update to a version later than 2.0.9. For libreport-plugin-mailx versions 2.0.9 and earlier, update to a version later than 2.0.9. For libreport-plugin-reportuploader versions 2.0.9 and earlier, update to a version later than 2.0.9. For libreport-plugin-rhtsupport versions 2.0.9 and earlier, update to a version later than 2.0.9. For libreport-python versions 2.0.9 and earlier, update to a version later than 2.0.9. As a temporary workaround, consider disabling the `abrt-action-install-debuginfo` function until a patch is available. Restrict access to the vulnerable modules to minimize the risk of exploitation. Avoid using the vulnerable packages until the issue is resolved.