CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10121
https://notcve.org/view.php?id=CVE-2016-10121
13 Apr 2017 — Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges. Firejail utiliza permisos débiles para /dev/shm/firejail y posiblemente otros archivos, lo que permite a los usuarios locales obtener privilegios. • http://www.openwall.com/lists/oss-security/2017/01/05/4 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10122
https://notcve.org/view.php?id=CVE-2016-10122
13 Apr 2017 — Firejail does not properly clean environment variables, which allows local users to gain privileges. Firejail no limpia correctamente las variables de entorno, lo que permite a los usuarios locales obtener privilegios. • http://www.openwall.com/lists/oss-security/2017/01/05/4 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10123
https://notcve.org/view.php?id=CVE-2016-10123
13 Apr 2017 — Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges. Firejail permite --chroot cuando seccomp no es compatible, lo que podría permitir a los usuarios locales para obtener privilegios. • http://www.openwall.com/lists/oss-security/2017/01/05/4 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-5940 – Gentoo Linux Security Advisory 201702-03
https://notcve.org/view.php?id=CVE-2017-5940
09 Feb 2017 — Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not comprehensively address dotfile cases during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-5180. Firejail en versiones anteriores a 0.9.44.6 y 0.9.38.x LTS en versiones anteriores a 0.9.38.10 LTS no aborda exhaustivamente los cas... • http://www.openwall.com/lists/oss-security/2017/01/31/16 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2017-5180 – Firejail < 0.9.44.4 / < 0.9.38.8 LTS - Local Sandbox Escape
https://notcve.org/view.php?id=CVE-2017-5180
24 Jan 2017 — Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option. Firejail en versiones anteriores a 0.9.44.4 y 0.9.38.x LTS en versiones anteriores a 0.9.38.8 LTS no considera el caso .Xauthority durante su intento para impedir el acceso a los archivos de usuario con un euid de cero, l... • https://www.exploit-db.com/exploits/43359 • CWE-862: Missing Authorization •
CVSS: 9.0EPSS: 2%CPEs: 2EXPL: 0CVE-2017-5206 – Gentoo Linux Security Advisory 201701-62
https://notcve.org/view.php?id=CVE-2017-5206
24 Jan 2017 — Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument. Firejail en versiones anteriores a 0.9.44.4, cuando se ejecuta en un Linux kernel en versiones anteriores a 4.8, permite a atacantes dependientes del contexto evitar un mecanismo seccomp-based de protección de sandbox a través del argumento --allow-debuggers. Multiple vulnerabilities have been discovered in Firejail... • http://www.openwall.com/lists/oss-security/2017/01/07/5 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5207 – Gentoo Linux Security Advisory 201701-62
https://notcve.org/view.php?id=CVE-2017-5207
24 Jan 2017 — Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument. Firejail en versiones anteriores a 0.9.44.4, Cuando se ejecuta un comando de ancho de banda, permite a los usuarios locales obtener privilegios de root a través del argumento --shell. Multiple vulnerabilities have been discovered in Firejail, the worst of which may allow privilege escalation. Versions less than 0.9.44.4 are affected. • http://www.openwall.com/lists/oss-security/2017/01/07/6 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9016
https://notcve.org/view.php?id=CVE-2016-9016
19 Jan 2017 — Firejail 0.9.38.4 allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. Firejail 0.9.38.4 permite a usuarios locales ejecutar comandos arbitrarios fuera de la sandbox a través de una llamada ioctl TIOCSTI manipulada. • http://www.openwall.com/lists/oss-security/2016/10/25/3 • CWE-284: Improper Access Control •