CVE-2016-8659

Опубликовано: 13 фев. 2017

Источник: debian

Описание

Bubblewrap before 0.1.3 sets the PR_SET_DUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
bubblewrap	fixed	0.1.2-2		package

Примечания

https://github.com/projectatomic/bubblewrap/issues/107

Связанные уязвимости

CVE-2016-8659

CVSS3: 7

ubuntu

почти 9 лет назад

Bubblewrap before 0.1.3 sets the PR_SET_DUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket.

CVE-2016-8659

CVSS3: 7

nvd

почти 9 лет назад

Bubblewrap before 0.1.3 sets the PR_SET_DUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket.

GHSA-q7w7-m7vg-xxg8

CVSS3: 7

github

больше 3 лет назад

Bubblewrap before 0.1.3 sets the PR_SET_DUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket.