CVE-2019-10063

Name of the Vulnerable Software and Affected Versions Flatpak versions 0.8.1 through 1.0.7 Flatpak versions 1.1.x through 1.2.3 Flatpak versions 1.3.x through 1.3.0

Description The issue is related to insufficient input validation in the seccomp component of Flatpak, which can be exploited by a remote attacker to elevate privileges and execute arbitrary code. The seccomp filter used to prevent sandboxed apps from using the TIOCSTI ioctl can be bypassed on 64-bit platforms by an ioctl request number that has TIOCSTI in its 32 least significant bits and an arbitrary nonzero value in its 32 most significant bits.

Recommendations For Flatpak versions 0.8.1 through 1.0.7, update to version 1.0.8 or later. For Flatpak versions 1.1.x through 1.2.3, update to version 1.2.4 or later. For Flatpak versions 1.3.x through 1.3.0, update to version 1.3.1 or later.