251 matches found
ALSA-2024:9449 Important: bubblewrap and flatpak security update
Bubblewrap /usr/bin/bwrap is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces. Security Fixes: flatpak: Access to files outside sandbox for apps using persistent= --persist CVE-2024-42472 For more details about the security issue...
RHEL 9 : bubblewrap and flatpak (RHSA-2024:9449)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:9449 advisory. Bubblewrap /usr/bin/bwrap is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces...
Important: bubblewrap and flatpak security update
Bubblewrap /usr/bin/bwrap is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces. Security Fixes: flatpak: Access to files outside sandbox for apps using persistent= --persist CVE-2024-42472 For more details about the security issue...
Important: bubblewrap
Issue Overview: A sandbox escape vulnerability was found in Flatpak due to a symlink-following issue when mounting persistent directories. This flaw allows a local user or attacker to craft a symbolic link that can bypass the intended restrictions, enabling access to and modification of files...
Important: bubblewrap
Issue Overview: A sandbox escape vulnerability was found in Flatpak due to a symlink-following issue when mounting persistent directories. This flaw allows a local user or attacker to craft a symbolic link that can bypass the intended restrictions, enabling access to and modification of files...
Amazon Linux 2023 : bubblewrap (ALAS2023-2024-726)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-726 advisory. A sandbox escape vulnerability was found in Flatpak due to a symlink-following issue when mounting persistent directories. This flaw allows a local user or attacker to craft a symbolic link that can...
USN-7046-1: Flatpak and Bubblewrap vulnerability
It was discovered that Flatpak incorrectly handled certain persisted directories. An attacker could possibly use this issue to read and write files in locations it would not normally have access to. A patch was also needed to Bubblewrap in order to avoid race conditions caused by this fix...
USN-7046-1 bubblewrap, flatpak vulnerability
It was discovered that Flatpak incorrectly handled certain persisted directories. An attacker could possibly use this issue to read and write files in locations it would not normally have access to. A patch was also needed to Bubblewrap in order to avoid race conditions caused by this fix...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Flatpak and Bubblewrap vulnerability (USN-7046-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7046-1 advisory. It was discovered that Flatpak incorrectly handled certain persisted directories. An attacker could possibly use this issue to read and...
RHSA-2024:6421 Red Hat Security Advisory: bubblewrap and flatpak security update
Bulletin has no description...
RHSA-2024:6422 Red Hat Security Advisory: bubblewrap and flatpak security update
Bulletin has no description...
RHSA-2024:6420 Red Hat Security Advisory: bubblewrap and flatpak security update
Bulletin has no description...
RHSA-2024:6419 Red Hat Security Advisory: bubblewrap and flatpak security update
Bulletin has no description...
RHSA-2024:6418 Red Hat Security Advisory: bubblewrap and flatpak security update
Bulletin has no description...
RHSA-2024:6355 Red Hat Security Advisory: bubblewrap and flatpak security update
Bulletin has no description...
RHSA-2024:6356 Red Hat Security Advisory: bubblewrap and flatpak security update
Bulletin has no description...
RHSA-2024:6357 Red Hat Security Advisory: bubblewrap and flatpak security update
Bulletin has no description...
RLSA-2024:6422 Important: bubblewrap and flatpak security update
Bubblewrap /usr/bin/bwrap is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces. Security Fixes: flatpak: Access to files outside sandbox for apps using persistent= --persist CVE-2024-42472 For more details about the security issue...
bubblewrap and flatpak security update
An update is available for flatpak, bubblewrap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Bubblewrap /usr/bin/bwrap is a core execution engine for...
Rocky Linux 8 : bubblewrap and flatpak (RLSA-2024:6422)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:6422 advisory. flatpak: Access to files outside sandbox for apps using persistent= --persist CVE-2024-42472 Tenable has extracted the preceding description block directly from...