Vulnerability Details : CVE-2021-42762
BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133.
Products affected by CVE-2021-42762
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
- cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*
- cpe:2.3:a:wpewebkit:wpe_webkit:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-42762
- 0.05%: Probability of exploitation activity in the next 30 days
- ~18%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-42762
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6 | MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P | 3.9 | 6.4 | NIST | |
5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | 1.8 | 3.4 | NIST | |
References for CVE-2021-42762
- http://www.openwall.com/lists/oss-security/2021/10/27/2
  oss-security - Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 [Mailing List; Third Party Advisory]
- http://www.openwall.com/lists/oss-security/2021/10/27/4
  oss-security - Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 [Mailing List; Third Party Advisory]
- http://www.openwall.com/lists/oss-security/2021/10/27/1
  oss-security - Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 [Mailing List; Third Party Advisory]
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ON5SDVVPVPCAGFPW2GHYATZVZYLPW2L4/
  [SECURITY] Fedora 33 Update: webkit2gtk3-2.34.1-1.fc33 - package-announce - Fedora Mailing-Lists [Mailing List; Third Party Advisory]
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H6MGXCX7P5AHWOQ6IRT477UKT7IS4DAD/
  [SECURITY] Fedora 34 Update: webkit2gtk3-2.34.1-1.fc34 - package-announce - Fedora Mailing-Lists [Mailing List; Third Party Advisory]
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M5J2LZQTDX53DNSKSGU7TQYCO2HKSTY4/
  [SECURITY] Fedora 35 Update: webkit2gtk3-2.34.1-2.fc35 - package-announce - Fedora Mailing-Lists [Mailing List; Third Party Advisory]
- https://www.debian.org/security/2021/dsa-4996
  Debian -- Security Information -- DSA-4996-1 wpewebkit [Third Party Advisory]
- https://www.debian.org/security/2021/dsa-4995
  Debian -- Security Information -- DSA-4995-1 webkit2gtk [Third Party Advisory]
- https://github.com/flatpak/flatpak/security/advisories/GHSA-67h7-w3jq-vh4q
  Sandbox bypass via recent VFS-manipulating syscalls · Advisory · flatpak/flatpak · GitHub [Third Party Advisory]
- https://bugs.webkit.org/show_bug.cgi?id=231479
  231479 – (CVE-2021-42762) [WPE][GTK] Limited sandbox escape via VFS syscalls [Exploit; Issue Tracking; Vendor Advisory]
- http://www.openwall.com/lists/oss-security/2021/10/26/9
  oss-security - WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 [Mailing List; Third Party Advisory]