'Re: [oss-security] firejail: local root exploit reachable via --join logic (CVE-2022-31214)'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] firejail: local root exploit reachable via --join logic (CVE-2022-31214)
From:       Alex Murray <alex.murray () canonical ! com>
Date:       2022-06-09 3:30:48
Message-ID: 878rq634o7.fsf () graphene ! mail-host-address-is-not-set
[Download RAW message or body]

On Wed, 2022-06-08 at 14:48:47 +0200, Matthias Gerstner wrote:

>
> Upstream Bugfix
> ===============
>
> Upstream published a comprehensive bugfix for this issue just today [2].
< ...
> [2]: https://github.com/netblue30/firejail/commit/27cde3d7d1e4e16d4190932347c7151dc2a84c50
>

FYI it looks like upstream made two subsequent fixup commits as well:

https://github.com/netblue30/firejail/commit/dab835e7a0eb287822016f5ae4e87f46e1d363e7
https://github.com/netblue30/firejail/commit/1884ea22a90d225950d81c804f1771b42ae55f54
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic