252 matches found
DEBIAN-CVE-2017-5226
When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the sandbox...
CVE-2017-5226
CVE-2017-5226 is described across connected docs as a bubblewrap sandbox escape via TIOCSTI: a nonprivileged session could push characters into the terminal input buffer to escape the sandbox. Related entries (e.g., CVE-2020-13753) note this as part of a family using TIOCSTI and CLONE_NEWUSER, hi...
Code injection
Bubblewrap before 0.1.3 sets the PRSETDUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket...
CVE-2016-8659
Bubblewrap before 0.1.3 sets the PRSETDUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket...
DEBIAN-CVE-2016-8659
Bubblewrap before 0.1.3 sets the PRSETDUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket...
CVE-2016-8659
Bubblewrap before 0.1.3 sets the PRSETDUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket...
CVE-2016-8659
Bubblewrap before 0.1.3 sets the PRSETDUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket...
CVE-2016-8659
Bubblewrap before 0.1.3 sets the PRSETDUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket...
CVE-2016-8659
CVE-2016-8659 affects Bubblewrap versions prior to 0.1.3. The underlying issue is that the process sets the PR_SET_DUMPABLE flag, which may allow local users to gain privileges by attaching to the PrivSep socket. The connected documents confirm the vulnerable component and the root cause, and des...
CVE-2016-8659
Bubblewrap before 0.1.3 sets the PRSETDUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket...
Alpha Version of Sandboxed Tor Browser Released
A sandboxed version of the Tor Browser was released over the weekend, and while there are still some rough edges and bugs – potentially major, according to the developer– it could be the first step toward protecting Tor users from recent de-anonymization exploits. Yawning Angel, a longtime Tor...
Project Atomic bubblewrap Local Elevation of Privilege Vulnerability
Project Atomic is a suite of software sponsored by Red Hat that supports the creation and running of applications using Linux and Docker containers. A local elevation of privilege vulnerability exists in Project Atomic bubblewrap version 0.1.2-1, which can be exploited by an attacker to gain...