Lucene search

K
ubuntucveUbuntu.comUB:CVE-2021-42762
HistoryOct 20, 2021 - 12:00 a.m.

CVE-2021-42762

2021-10-2000:00:00
ubuntu.com
ubuntu.com
14

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

20.5%

BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a
limited sandbox bypass that allows a sandboxed process to trick host
processes into thinking the sandboxed process is not confined by the
sandbox, by abusing VFS syscalls that manipulate its filesystem namespace.
The impact is limited to host services that create UNIX sockets that WebKit
mounts inside its sandbox, and the sandboxed process remains otherwise
confined. NOTE: this is similar to CVE-2021-41133.

Bugs

Notes

Author Note
jdstrand webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8
mdeslaur the bubblewrap sandbox is disabled in bionic

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

20.5%