cbcvebase.
CVE-2019-12499
published 2019-05-31

CVE-2019-12499: Firejail before 0.9.60 allows truncation (resizing to length 0) of the firejail binary on the host by running exploit code inside a firejail sandbox and having…

PriorityP346high8.1CVSS 3.0
AVNACHPRNUINSUCHIHAH
EPSS
2.03%
78.7th percentile
Firejail before 0.9.60 allows truncation (resizing to length 0) of the firejail binary on the host by running exploit code inside a firejail sandbox and having the sandbox terminated. To succeed, certain conditions need to be fulfilled: The jail (with the exploit code inside) needs to be started as root, and it also needs to be terminated as root from the host (either by stopping it ungracefully (e.g., SIGKILL), or by using the --shutdown control command). This is similar to CVE-2019-5736.

Affected

6 ranges
VendorProductVersion rangeFixed in
debianfirejail< firejail 0.9.58.2-2 (bookworm)firejail 0.9.58.2-2 (bookworm)
firejail_projectfirejail< 0.9.600.9.60
firejail_projectfirejail>= 0 < 0.9.58.2-20.9.58.2-2
firejail_projectfirejail>= 0 < 0.9.58.2-20.9.58.2-2
firejail_projectfirejail>= 0 < 0.9.58.2-20.9.58.2-2
firejail_projectfirejail>= 0 < 0.9.58.2-20.9.58.2-2

CVSS provenance

nvdv3.08.1HIGHCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv8.1HIGH
vendor_debian8.1HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.