Lucene search
PRIOn knowledge basePRION:CVE-2017-5226HistoryMar 29, 2017 - 8:59 p.m.
Input validation
2017-03-2920:59:00
PRIOn knowledge base
www.prio-n.com
12
When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal’s input buffer, allowing an attacker to escape the sandbox.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bubblewrap | le | 0.1.5 |
References
www.openwall.com/lists/oss-security/2020/07/10/1
www.openwall.com/lists/oss-security/2023/03/17/1
www.securityfocus.com/bid/97260
bugzilla.redhat.com/show_bug.cgi?id=1411811
github.com/projectatomic/bubblewrap/commit/d7fc532c42f0e9bf427923bab85433282b3e5117
github.com/projectatomic/bubblewrap/issues/142
www.openwall.com/lists/oss-security/2023/03/14/2
Related
ubuntucve
ubuntucve
nvd
nvd
cvelist
cvelist
CVE-2017-5226
2017-03-29 00:00:00
CVE-2023-28100 TIOCLINUX can send commands outside sandbox if running on a virtual console
2023-03-16 15:51:32
CVE-2019-10063
2019-03-26 13:40:19
debiancve
debiancve
osv
osv
cve
cve
openvas
openvas
Huawei EulerOS: Security Advisory for flatpak (EulerOS-SA-2020-1004)
2020-01-23 00:00:00
CentOS Update for flatpak CESA-2019:1024 centos7
2019-05-14 00:00:00
Huawei EulerOS: Security Advisory for flatpak (EulerOS-SA-2020-1305)
2020-03-24 00:00:00
redhatcve
redhatcve
prion
prion
Design/Logic Flaw
2020-07-14 14:15:00
Design/Logic Flaw
2019-03-26 14:29:00
Command injection
2023-03-16 16:15:00
nessus
nessus
Oracle Linux 8 : flatpak (ELSA-2019-1143)
2019-08-12 00:00:00
redhat
redhat
(RHSA-2019:1143) Important: flatpak security update
2019-05-13 04:50:39
(RHSA-2019:1024) Important: flatpak security update
2019-05-07 17:30:44
amazon
amazon
Important: flatpak
2019-05-29 19:11:00
Medium: flatpak
2023-07-17 17:39:00
veracode
veracode
Arbitrary Code Execution
2020-08-06 21:32:23
alpinelinux
alpinelinux
CVE-2019-10063
2019-03-26 14:29:00
CVE-2020-13753
2020-07-14 14:15:17
centos
centos
flatpak security update
2019-05-13 15:08:37
mageia
mageia
Updated flatpak packages fix security vulnerability
2023-03-24 08:55:49
archlinux
archlinux
[ASA-202007-1] webkit2gtk: multiple issues
2020-07-14 00:00:00