Vulnerability CVE-2017-5206: Information

Description

Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument.

Severity: CRITICAL (9.0) Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2017-5206
Published: March 23, 2017
Modified: Oct. 3, 2019

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
firejailsisyphus0.9.44.4-alt10.9.72-alt1ALT-PU-2017-1009-1175903Fixed
firejailp100.9.44.4-alt10.9.72-alt1ALT-PU-2017-1009-1175903Fixed
firejailp90.9.44.4-alt10.9.64-alt1ALT-PU-2017-1009-1175903Fixed
firejailp80.9.44.4-alt0.M80P.10.9.50-alt1.M80P.1ALT-PU-2017-1010-1175904Fixed
firejailc10f10.9.44.4-alt10.9.72-alt1ALT-PU-2017-1009-1175903Fixed
firejailc9f20.9.44.4-alt10.9.62.4-alt1ALT-PU-2017-1009-1175903Fixed
firejailp110.9.44.4-alt10.9.72-alt1ALT-PU-2017-1009-1175903Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
GLSA-201701-62
  • Patch
  • Third Party Advisory
  • VDB Entry
https://github.com/netblue30/firejail/commit/6b8dba29d73257311564ee7f27b9b14758cc693e
  • Issue Tracking
  • Patch
  • Third Party Advisory
https://firejail.wordpress.com/download-2/release-notes/
  • Release Notes
  • Vendor Advisory
https://blog.lizzie.io/linux-containers-in-500-loc.html#fn.51
  • Third Party Advisory
[oss-security] 20170107 Re: Firejail local root exploit
  • Mailing List
  • Patch
  • Third Party Advisory
97120
  • Third Party Advisory
  • VDB Entry

    1. Configuration 1

      cpe:2.3:a:firejail_project:firejail:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top