CVE-2026-41163

A flaw was found in bubblewrap when operating in setuid mode. A local user may use ptrace to interfere with the sandbox setup process and gain access to privileged operations that are normally restricted. This could allow an attacker to bypass intended sandboxing restrictions and potentially...

SUSE SLED15 / SLES15 Security Update : bubblewrap (SUSE-SU-2026:2094-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2094-1 advisory. This update for bubblewrap fixes the following issue - CVE-2026-41163: improper process attachment via ptrace can lead ...

openSUSE 16 Security Update : bubblewrap (openSUSE-SU-2026:20811-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20811-1 advisory. This update for bubblewrap fixes the following issue - CVE-2026-41163: improper process attachment via ptrace can lead to arbitrary privileged operation...

Security update for bubblewrap (important)

openSUSE security update: security update for bubblewrap ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20811-1 Rating: important References: bsc1263113 Cross-References: CVE-2026-41163 CVSS scores: CVE-2026-41163 SUSE : 7...

Security update for bubblewrap

This update for bubblewrap fixes the following issue CVE-2026-41163: improper process attachment via ptrace can lead to arbitrary privileged operations and local root escalation bsc1263113. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

SUSE-SU-2026:2094-1 Security update for bubblewrap

This update for bubblewrap fixes the following issue - CVE-2026-41163: improper process attachment via ptrace can lead to arbitrary privileged operations and local root escalation bsc1263113...

OPENSUSE-SU-2026:20811-1 Security update for bubblewrap

This update for bubblewrap fixes the following issue - CVE-2026-41163: improper process attachment via ptrace can lead to arbitrary privileged operations and local root escalation bsc1263113...

SUSE-SU-2026:21847-1 Security update for bubblewrap

This update for bubblewrap fixes the following issue - CVE-2026-41163: improper process attachment via ptrace can lead to arbitrary privileged operations and local root escalation bsc1263113...

Ubuntu 25.10 / 26.04 LTS : Bubblewrap vulnerability (USN-8288-1)

The remote Ubuntu 25.10 / 26.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8288-1 advisory. It was discovered that Bubblewrap incorrectly handled the sandbox setup phase when installed in setuid mode. A local attacker could possibly use this issu...

USN-8288-1 bubblewrap vulnerability

It was discovered that Bubblewrap incorrectly handled the sandbox setup phase when installed in setuid mode. A local attacker could possibly use this issue to bypass sandbox restrictions...

USN-8288-1: Bubblewrap vulnerability

It was discovered that Bubblewrap incorrectly handled the sandbox setup phase when installed in setuid mode. A local attacker could possibly use this issue to bypass sandbox restrictions...

Astra Linux - уязвимость в flatpak

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak application that used persistent directories could access and write files outside of its usual access rights, which constituted an attack on integrity and...

Astra Linux - уязвимость в flatpak

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8, a malicious or compromised Flatpak application could execute arbitrary code outside its sandbox. Normally, the --command argument of flatpak...

CVE-2026-41163

bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...

CVE-2026-41163 bubblewrap vulnerable to privilege escalation in setuid mode via ptrace

bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...

CVE-2026-41163

CVE-2026-41163 affects bubblewrap when installed in setuid mode from version 0.11.0 up to before 0.11.2. The vulnerability arises because an attacker can use ptrace to attach to bubblewrap and manipulate the unprivileged portion of the sandbox setup phase, enabling the attacker to perform privile...

EUVD-2026-28884

bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...

CVE-2026-41163

bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...

CVE-2026-41163

bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...

Bubblewrap 安全漏洞

Bubblewrap is a set of open-source, non-privileged sandbox tools developed by Containers. Versions of Bubblewrap from 0.11.0 to 0.11.2 contained security vulnerabilities. These vulnerabilities stemmed from the ability for users to attach to Bubblewrap using setuid mode and control the...