Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-10063

Опубликовано: 26 мар. 2019
Источник: nvd
CVSS3: 9
CVSS2: 6.8
EPSS Низкий

Описание

Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could otherwise be used to inject commands into the controlling terminal so that they would be executed outside the sandbox after the sandboxed app exits. This fix was incomplete: on 64-bit platforms, the seccomp filter could be bypassed by an ioctl request number that has TIOCSTI in its 32 least significant bits and an arbitrary nonzero value in its 32 most significant bits, which the Linux kernel would treat as equivalent to TIOCSTI.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:flatpak:flatpak:*:*:*:*:*:*:*:*
Версия до 1.0.8 (исключая)
cpe:2.3:a:flatpak:flatpak:*:*:*:*:*:*:*:*
Версия от 1.1.0 (включая) до 1.1.3 (включая)
cpe:2.3:a:flatpak:flatpak:*:*:*:*:*:*:*:*
Версия от 1.2.0 (включая) до 1.2.4 (исключая)
cpe:2.3:a:flatpak:flatpak:1.3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 29%
0.00105
Низкий

9 Critical

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2019-10063

CVSS3: 9
ubuntu
почти 7 лет назад

Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could otherwise be used to inject commands into the controlling terminal so that they would be executed outside the sandbox after the sandboxed app exits. This fix was incomplete: on 64-bit platforms, the seccomp filter could be bypassed by an ioctl request number that has TIOCSTI in its 32 least significant bits and an arbitrary nonzero value in its 32 most significant bits, which the Linux kernel would treat as equivalent to TIOCSTI.

redhat логотип

CVE-2019-10063

CVSS3: 8.8
redhat
почти 7 лет назад

Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could otherwise be used to inject commands into the controlling terminal so that they would be executed outside the sandbox after the sandboxed app exits. This fix was incomplete: on 64-bit platforms, the seccomp filter could be bypassed by an ioctl request number that has TIOCSTI in its 32 least significant bits and an arbitrary nonzero value in its 32 most significant bits, which the Linux kernel would treat as equivalent to TIOCSTI.

debian логотип

CVE-2019-10063

CVSS3: 9
debian
почти 7 лет назад

Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1 ...

github логотип

GHSA-mc9j-733x-89cx

CVSS3: 9
github
больше 3 лет назад

Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could otherwise be used to inject commands into the controlling terminal so that they would be executed outside the sandbox after the sandboxed app exits. This fix was incomplete: on 64-bit platforms, the seccomp filter could be bypassed by an ioctl request number that has TIOCSTI in its 32 least significant bits and an arbitrary nonzero value in its 32 most significant bits, which the Linux kernel would treat as equivalent to TIOCSTI.

oracle-oval логотип

ELSA-2019-1143

oracle-oval
больше 6 лет назад

ELSA-2019-1143: flatpak security update (IMPORTANT)

EPSS

Процентиль: 29%
0.00105
Низкий

9 Critical

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-20