PT-2017-9928 · Netfilter · Firejail

Published

2017-01-19

·

Updated

2017-06-08

·

CVE-2016-9016

CVSS v3.1

8.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firejail version 0.9.38.4
Description The issue allows local users to execute arbitrary commands outside of the sandbox. This is achieved via a crafted TIOCSTI ioctl call.
Recommendations For Firejail version 0.9.38.4, at the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2016-9016

Affected Products

Firejail