CVE-2016-8659

CVE-2016-8659 affects Bubblewrap versions prior to 0.1.3. The underlying issue is that the process sets the PR_SET_DUMPABLE flag, which may allow local users to gain privileges by attaching to the PrivSep socket. The connected documents confirm the vulnerable component and the root cause, and des...