CVE-2017-5226
Severity
10.0 CRITICAL
EPSS
10.4%
top 6.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Mar 29
Latest update: Mar 16
Description
When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the sandbox.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 6.0
Affected Packages: 3 packages
Patches
🔴 Vulnerability Details (3)
GHSA
GHSA-m28g-vfcm-85ff: When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push character... (2022-05-13)
OSV
CVE-2017-5226: When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push character... (2017-03-29)
CVEList
CVE-2017-5226: When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push character... (2017-03-29)
📋 Vendor Advisories (4)
Red Hat
Debian
CVE-2017-5226: bubblewrap - When executing a program via the bubblewrap sandbox, the nonpriv session can esc... (2017)
💬 Community (6)
Bugzilla
CVE-2020-13753 webkitgtk: Improper access management to CLONE_NEWUSER and the TIOCSTI ioctl (2020-09-16)
Bugzilla
CVE-2019-10063 flatpak: Sandbox bypass via IOCSTI (incomplete fix for CVE-2017-5226) [fedora-all] (2019-04-04)
Bugzilla
Bugzilla
CVE-2017-5226 bubblewrap: Nonprivileged session can escape to the parent session by using the TIOCSTI ioctl (2017-01-10)
Bugzilla
CVE-2017-5226 bubblewrap: Nonprivileged session can escape to the parent session by using the TIOCSTI ioctl [epel-7] (2017-01-10)