Vulnerabilities > Firejail Project

DATE CVE VULNERABILITY TITLE RISK
2017-04-13 CVE-2016-10119 Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail
Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.
local
low complexity
firejail-project CWE-264
7.8
2017-04-13 CVE-2016-10118 Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail
Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.
local
low complexity
firejail-project CWE-264
3.3
2017-04-13 CVE-2016-10117 Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail
Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.
local
low complexity
firejail-project CWE-264
7.8
2017-03-23 CVE-2017-5207 Improper Privilege Management vulnerability in Firejail Project Firejail
Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument.
local
low complexity
firejail-project CWE-269
7.8
2017-03-23 CVE-2017-5206 Unspecified vulnerability in Firejail Project Firejail
Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument.
network
high complexity
firejail-project
critical
9.0
2017-02-09 CVE-2017-5940 Improper Privilege Management vulnerability in Firejail Project Firejail
Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not comprehensively address dotfile cases during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option.
local
low complexity
firejail-project CWE-269
8.8
2017-02-09 CVE-2017-5180 Missing Authorization vulnerability in Firejail Project Firejail
Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option.
local
low complexity
firejail-project CWE-862
8.8
2017-01-19 CVE-2016-9016 Improper Access Control vulnerability in Firejail Project Firejail 0.9.38.4
Firejail 0.9.38.4 allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.
local
low complexity
firejail-project CWE-284
8.8