Описание
bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories in /tmp as a mount point. In some particular configurations (related to XDG_RUNTIME_DIR), a local attacker may abuse this flaw to prevent other users from executing bubblewrap or potentially execute code.
Ссылки
- Issue TrackingThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Release NotesThird Party Advisory
- Issue TrackingThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Release NotesThird Party Advisory
Уязвимые конфигурации
EPSS
7.4 High
CVSS3
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
Связанные уязвимости
bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories in /tmp as a mount point. In some particular configurations (related to XDG_RUNTIME_DIR), a local attacker may abuse this flaw to prevent other users from executing bubblewrap or potentially execute code.
bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories in /tmp as a mount point. In some particular configurations (related to XDG_RUNTIME_DIR), a local attacker may abuse this flaw to prevent other users from executing bubblewrap or potentially execute code.
bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories ...
EPSS
7.4 High
CVSS3
7.8 High
CVSS3
4.6 Medium
CVSS2