Vulnerability Details : CVE-2017-5180
Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option.
Exploit prediction scoring system (EPSS) score for CVE-2017-5180
Probability of exploitation activity in the next 30 days: 0.06%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 25 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2017-5180
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
nvd@nist.gov |
|
8.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
2.0
|
6.0
|
nvd@nist.gov |
CWE ids for CVE-2017-5180
-
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-5180
-
https://firejail.wordpress.com/download-2/release-notes/
Release Notes | FirejailRelease Notes;Vendor Advisory
-
http://openwall.com/lists/oss-security/2017/01/04/2
oss-security - Re: Firejail local root exploitMailing List;Third Party Advisory
-
https://security.gentoo.org/glsa/201701-62
Firejail: Multiple vulnerabilities (GLSA 201701-62) — Gentoo securityThird Party Advisory
-
http://www.securityfocus.com/bid/95298
Firejail CVE-2017-5180 Local Code Execution VulnerabilityThird Party Advisory;VDB Entry
Products affected by CVE-2017-5180
- cpe:2.3:a:firejail_project:firejail:*:*:*:*:-:*:*:*
- Firejail Project » Firejail » LTS EditionVersions from including (>=) 0.9.38 and before (<) 0.9.38.8cpe:2.3:a:firejail_project:firejail:*:*:*:*:lts:*:*:*