CVEs-PoC/2017/CVE-2017-5940.md at e7be3f24665f27f4f8a571f070ce04dfd1f54dc4

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-08 06:06:44 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not comprehensively address dotfile cases during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-5180.

POC

Reference

https://github.com/netblue30/firejail/commit/38d418505e9ee2d326557e5639e8da49c298858f
https://github.com/netblue30/firejail/commit/903fd8a0789ca3cc3c21d84cd0282481515592ef
https://github.com/netblue30/firejail/commit/b8a4ff9775318ca5e679183884a6a63f3da8f863

Github

No PoCs found on GitHub currently.

1.0 KiB Raw Blame History

CVE-2017-5940

Description

POC

Reference

Github

1.0 KiB

Raw Blame History