Lucene search
GoogleOSV:CVE-2021-26910HistoryFeb 08, 2021 - 8:15 p.m.
CVE-2021-26910
2021-02-0820:15:13
Google
osv.dev
3
Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation.
| CPE | Name | Operator | Version |
|---|---|---|---|
| firejail | eq | 0.9.32 | |
| firejail | eq | 0.9.58 | |
| firejail | eq | 0.9.52 | |
| firejail | eq | disable-globalcfg | |
| firejail | eq | 0.9.32-rc1 | |
| firejail | eq | 0.9.42-rc1 | |
| firejail | eq | 0.9.38 | |
| firejail | eq | 0.9.50-rc1 | |
| firejail | eq | 0.9.56 | |
| firejail | eq | 0.9.64.2 |
References
www.openwall.com/lists/oss-security/2021/02/09/1
github.com/netblue30/firejail/commit/97d8a03cad19501f017587cc4e47d8418273834b
github.com/netblue30/firejail/releases/tag/0.9.64.4
lists.debian.org/debian-lts-announce/2021/02/msg00015.html
security.gentoo.org/glsa/202105-19
unparalleled.eu/blog/2021/20210208-rigged-race-against-firejail-for-local-root/
unparalleled.eu/publications/2021/advisory-unpar-2021-0.txt
www.debian.org/security/2021/dsa-4849
Related
archlinux
archlinux
[ASA-202102-26] firejail: privilege escalation
2021-02-12 00:00:00
nessus
nessus
Ubuntu 20.04 LTS : Firejail vulnerability (USN-5141-1)
2021-11-11 00:00:00
Debian DLA-2554-1 : firejail security update
2021-02-12 00:00:00
Debian DSA-4849-1 : firejail - security update
2021-02-10 00:00:00
alpinelinux
alpinelinux
CVE-2021-26910
2021-02-08 20:15:13
osv
osv
firejail - security update
2021-02-09 00:00:00
firejail - security update
2021-02-11 00:00:00
firejail vulnerability
2021-11-11 07:52:38
debian
debian
[SECURITY] [DSA 4849-1] firejail security update
2021-02-09 21:18:28
[SECURITY] [DLA 2554-1] firejail security update
2021-02-11 06:45:23
[SECURITY] [DSA 4849-1] firejail security update
2021-02-09 21:18:28
ubuntucve
ubuntucve
CVE-2021-26910
2021-02-08 00:00:00
cve
cve
CVE-2021-26910
2021-02-08 20:15:13
prion
prion
Race condition
2021-02-08 20:15:00
openvas
openvas
Debian: Security Advisory (DSA-4849-1)
2021-02-10 00:00:00
Mageia: Security Advisory (MGASA-2021-0120)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-5141-1)
2021-11-12 00:00:00
ubuntu
ubuntu
Firejail vulnerability
2021-11-11 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2289
2023-11-07 09:51:32
debiancve
debiancve
CVE-2021-26910
2021-02-08 20:15:13
gentoo
gentoo
Firejail: Privilege escalation
2021-05-26 00:00:00
veracode
veracode
Access Control Bypass
2021-02-09 08:07:46
mageia
mageia
Updated firejail package fixes a security vulnerability
2021-03-12 04:25:47
redhatcve
redhatcve
CVE-2021-26910
2022-05-21 00:04:53
nvd
nvd
CVE-2021-26910
2021-02-08 20:15:13
cvelist
cvelist
CVE-2021-26910
2021-02-08 19:56:38
suse
suse
Security update for firejail (important)
2021-02-10 00:00:00