Date: Tue, 25 Oct 2016 09:29:02 +0200 From: Yves-Alexis Perez <corsac@...ian.org> To: oss-security@...ts.openwall.com, up201407890@...nos.dcc.fc.up.pt, netblue30 <netblue30@...oo.com> Cc: team@...urity.debian.org Subject: Re: CVE-2016-7545 -- SELinux sandbox escape On Sun, 2016-09-25 at 13:49 +0200, up201407890@...nos.dcc.fc.up.pt wrote: > When executing a program via the SELinux sandbox, the nonpriv session > can escape to the parent session by using the TIOCSTI ioctl to push > characters into the terminal's input buffer, allowing an attacker to > escape the sandbox. Hi, it seems that firejail was affected by the same vulnerability, which was fixed in 0.9.44 with https://github.com/netblue30/firejail/commit/46dc2b34f1fbbc4597 b4ff9f6a3cb28b2d500d1b The commit log reuses the CVE-2016-7545 number, but I guess a new one should be assigned since they don't share the same codebase? Regards, -- Yves-Alexis Perez - Debian Security Download attachment "signature.asc" of type "application/pgp-signature" (456 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.