CVE-2021-21381

Severity: 8.2 HIGH
EPSS: 0.1% (top 69.30%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Mar 11; latest update May 12

Description

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Flatpak since version 0.9.4 and before version 1.10.2 has a vulnerability in the "file forwarding" feature which can be used by an attacker to gain access to files that would not ordinarily be allowed by the app's permissions. By putting the special tokens `@@` and/or `@@u` in the Exec field of a Flatpak app's .desktop file, a malicious app publisher can trick flatpak into behaving as though

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N
Exploitability: 1.8 | Impact: 4.7

Affected Packages (3 packages)

Source     | Package          | Affected versions
NVD        | flatpak/flatpak  | 0.9.4 to 1.10.2
Debian     | flatpak          | < 1.10.1-4+3
CVEListV5  | flatpak/flatpak  | >= 0.9.4, < 1.10.2

Also affects: Debian Linux 10.0, Fedora 33, 34

Patches

Vulnerability Details (2)

OSV: CVE-2021-21381: Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux (2021-03-11)
CVEList: Sandbox escape via special tokens in .desktop file (2021-03-11)

Vendor Advisories (3)

Ubuntu: Flatpak vulnerability (2021-05-12)
Red Hat: flatpak: "file forwarding" feature can be used to gain unprivileged access to files (2021-03-09)
Debian: CVE-2021-21381: flatpak - Flatpak is a system for building, distributing, and running sandboxed desktop ap... (2021)
CVE-2021-21381 (HIGH CVSS 8.2) | Flatpak is a system for building | cvebase.io