CVE-2016-10119
- EPSS 0.03%
- Published 13.04.2017 14:59:01
- Last modified 20.04.2025 01:37:25
Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.
CVE-2016-10118
- EPSS 0.05%
- Published 13.04.2017 14:59:01
- Last modified 20.04.2025 01:37:25
Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.
CVE-2016-10117
- EPSS 0.04%
- Published 13.04.2017 14:59:01
- Last modified 20.04.2025 01:37:25
Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.
CVE-2017-5207
- EPSS 0.04%
- Published 23.03.2017 16:59:00
- Last modified 20.04.2025 01:37:25
Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument.
- EPSS 2.41%
- Published 23.03.2017 16:59:00
- Last modified 20.04.2025 01:37:25
Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument.
CVE-2017-5940
- EPSS 0.09%
- Published 09.02.2017 18:59:00
- Last modified 20.04.2025 01:37:25
Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not comprehensively address dotfile cases during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vect...
CVE-2017-5180
- EPSS 0.39%
- Published 09.02.2017 18:59:00
- Last modified 20.04.2025 01:37:25
Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors invol...
CVE-2016-9016
- EPSS 0.14%
- Published 19.01.2017 20:59:00
- Last modified 20.04.2025 01:37:25
Firejail 0.9.38.4 allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.