Message-Id: <20161025165108.37FFE73C0DA@smtpvmsrv1.mitre.org>
Date: Tue, 25 Oct 2016 12:51:08 -0400 (EDT)
From: cve-assign@...re.org
To: corsac@...ian.org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com, up201407890@...nos.dcc.fc.up.pt, netblue30@...oo.com, team@...urity.debian.org
Subject: Re: CVE-2016-7545 -- SELinux sandbox escape - Firejail is CVE-2016-9016

> On Sun, 2016-09-25 at 13:49 +0200, up201407890@...nos.dcc.fc.up.pt wrote:
>> When executing a program via the SELinux sandbox, the nonpriv session
>> can escape to the parent session by using the TIOCSTI ioctl to push
>> characters into the terminal's input buffer, allowing an attacker to
>> escape the sandbox.

> it seems that firejail was affected by the same vulnerability, which
> was fixed in 0.9.44 with
> https://github.com/netblue30/firejail/commit/46dc2b34f1fbbc4597b4ff9f6a3cb28b2d500d1b
>
> The commit log reuses the CVE-2016-7545 number, but I guess a new one
> should be assigned since they don't share the same codebase?

The ID for the similar Firejail vulnerability is CVE-2016-9016.
An additional reference is:

https://firejail.wordpress.com/download-2/release-notes/

-- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
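A detection-side illustration of the TIOCSTI issue described in the quoted report, added here and not part of the original thread or of the SELinux or Firejail code: it scans auditd SYSCALL records for ioctl calls whose request argument is TIOCSTI. It assumes auditd is configured to log ioctl syscalls; the function names and the sample records are constructed for the example.

```python
import re

# Linux values: TIOCSTI request number, and the ioctl syscall number per audit arch.
TIOCSTI = 0x5412
IOCTL_SYSCALL = {"c000003e": 16, "40000003": 54}  # x86_64, i386

FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_record(line):
    """Split one auditd record into a dict of key -> value (quotes stripped)."""
    return {k: v.strip('"') for k, v in FIELD.findall(line)}

def tiocsti_events(lines):
    """Return SYSCALL records where ioctl's request argument (a1) is TIOCSTI."""
    hits = []
    for line in lines:
        rec = parse_record(line)
        if rec.get("type") != "SYSCALL":
            continue
        nr = IOCTL_SYSCALL.get(rec.get("arch"))
        if nr is None or rec.get("syscall") != str(nr):
            continue
        try:
            request = int(rec.get("a1", ""), 16)  # auditd logs a0..a3 as bare hex
        except ValueError:
            continue
        # ioctl's request is an unsigned int: the kernel ignores the upper 32 bits,
        # so a check on the full 64-bit value would miss the third sample record.
        if request & 0xFFFFFFFF == TIOCSTI:
            hits.append({"pid": int(rec["pid"]), "ppid": int(rec["ppid"]),
                         "tty": rec.get("tty"), "exe": rec.get("exe"),
                         "success": rec.get("success") == "yes"})
    return hits

# Constructed sample records (not taken from a real system).
_HDR = "type=SYSCALL msg=audit(1477414268.101:90{}): arch=c000003e "
_TAIL = ' a2=7ffc0a1b2c3d a3=0 items=0 ppid=4120 pid={} uid=1000 tty=pts2 exe="/home/user/demo"'
SAMPLE = [
    _HDR.format(1) + "syscall=16 success=yes exit=0 a0=0 a1=5412" + _TAIL.format(4131),
    _HDR.format(2) + "syscall=16 success=yes exit=0 a0=0 a1=5401" + _TAIL.format(4132),
    _HDR.format(3) + "syscall=16 success=yes exit=0 a0=0 a1=ffffffff00005412" + _TAIL.format(4140),
    _HDR.format(4) + "syscall=1 success=yes exit=1 a0=1 a1=5412" + _TAIL.format(4141),
]

if __name__ == "__main__":
    for hit in tiocsti_events(SAMPLE):
        print(hit)
```

A hit whose `tty` is the terminal of an unsandboxed parent session is the condition the report describes; a hit with `success` false shows the call was attempted but refused.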