Sandbox Bypass Vulnerability in Flatpak by Collabora
CVE-2019-10063

9 CRITICAL

Key Information:

Vendor

Flatpak

Status
Vendor
CVE Published: 26 March 2019

What is CVE-2019-10063?

Flatpak, a system for building, distributing, and running sandboxed desktop applications on Linux, is susceptible to a sandbox bypass vulnerability caused by an incomplete seccomp filter implementation. An attacker can craft malicious ioctl requests that exploit the interaction between ioctls and trigger execution of commands outside the sandbox environment. By manipulating specific bits in the ioctl request, the attacker can potentially inject unauthorized commands, compromising the security model intended to isolate applications.

References

CVSS V3.1

Score: 9
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
