CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10118
https://notcve.org/view.php?id=CVE-2016-10118
Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /. Firejail permite a los usuarios locales truncar /etc/resolv.conf a través de un comando chroot a /. • http://www.openwall.com/lists/oss-security/2017/01/05/4 http://www.openwall.com/lists/oss-security/2017/01/06/2 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10117
https://notcve.org/view.php?id=CVE-2016-10117
Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc. Firejail no restringe el acceso a --tmpfs, lo que permite a los usuarios locales obtener privilegios, como se demuestra montando sobre /etc. • http://www.openwall.com/lists/oss-security/2017/01/05/4 http://www.openwall.com/lists/oss-security/2017/01/06/2 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10120
https://notcve.org/view.php?id=CVE-2016-10120
Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges. Firejail utiliza los permisos 0777 al montar (1) /dev, (2) /dev/shm, (3) /var/tmp, o (4) /var/lock, lo que permite a los usuarios locales obtener privilegios. • http://www.openwall.com/lists/oss-security/2017/01/05/4 http://www.openwall.com/lists/oss-security/2017/01/06/2 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-5940
https://notcve.org/view.php?id=CVE-2017-5940
Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not comprehensively address dotfile cases during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-5180. Firejail en versiones anteriores a 0.9.44.6 y 0.9.38.x LTS en versiones anteriores a 0.9.38.10 LTS no aborda exhaustivamente los casos dotfile durante su intento de impedir el acceso a los archivos de usuario con un euid de cero, lo que permite a usuarios locales llevar a cabo ataques sybox-escape a través de vectores que implican un enlace simbólico y la opción --private. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2017-5180. • http://www.openwall.com/lists/oss-security/2017/01/31/16 http://www.securityfocus.com/bid/96221 https://firejail.wordpress.com/download-2/release-notes https://github.com/netblue30/firejail/commit/38d418505e9ee2d326557e5639e8da49c298858f https://github.com/netblue30/firejail/commit/903fd8a0789ca3cc3c21d84cd0282481515592ef https://github.com/netblue30/firejail/commit/b8a4ff9775318ca5e679183884a6a63f3da8f863 https://security.gentoo.org/glsa/201702-03 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5207
https://notcve.org/view.php?id=CVE-2017-5207
Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument. Firejail en versiones anteriores a 0.9.44.4, Cuando se ejecuta un comando de ancho de banda, permite a los usuarios locales obtener privilegios de root a través del argumento --shell. • http://www.openwall.com/lists/oss-security/2017/01/07/6 http://www.securityfocus.com/bid/97385 https://firejail.wordpress.com/download-2/release-notes https://github.com/netblue30/firejail/commit/5d43fdcd215203868d440ffc42036f5f5ffc89fc https://github.com/netblue30/firejail/issues/1023 https://security.gentoo.org/glsa/201701-62 • CWE-269: Improper Privilege Management •