vulnerability
SUSE: CVE-2017-5226: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Mar 29, 2017 | May 20, 2018 | Feb 4, 2022 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Mar 29, 2017
Added
May 20, 2018
Modified
Feb 4, 2022
Description
When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the sandbox.
Solution(s)
suse-upgrade-bubblewrapsuse-upgrade-flatpaksuse-upgrade-flatpak-develsuse-upgrade-flatpak-zsh-completionsuse-upgrade-libflatpak0suse-upgrade-system-user-flatpaksuse-upgrade-typelib-1_0-flatpak-1_0
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.