oss-sec mailing list archives
Re: bubblewrap LPE
From: cve-assign () mitre org
Date: Thu, 13 Oct 2016 03:01:25 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Once the dumpable flag is set, there is a chance we could attach to the process, once the remaining caps are dropped and the whole process runs as user. Luckily, that happens at line 1707, right after a PrivSep socket has been opened!
Use CVE-2016-8659 for this issue in which there is unintended functionality of attaching to the process because of the details of the code near 1707. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJX/zCzAAoJEHb/MwWLVhi2N7MP/iBQbZmO7LEnU4n2DN0AgDwV WiZAzDsNl6rfFMDC25pSmy+0wY5E9qzbXdOWxiAphntuwG7K2qPeM78FrqcBr6wB /bMwj1Xp7fIWZIAt5O9Nnd/0B+KQgYwU0KjaJVyEyHW59Qhk/WWIqWViqia3CDL0 zWVF/Ofnu2pTeoIOIBmnjAdgkiSihpU1XlR16e2YGfJAKAlaS0td+4jhogUmgkg3 Sa5IbvgTVrLdG0LALAa9NQeN2guOslDkiQepW4NjhNungSJbmrkgq3xdMey2GHrC 1hV1DgHbBLg43Kz7Mp1wKLxAn+VWvZrPHfYAP/gwpmA9kuUet1PAlN84awi2VbQg fTiY2f7/0AyQsIhhgPQVqfsidw2xBQ0DYc7uoQftFff/MmVFs0+K4miuFqmeQ06B WyFs4ur43J2EiS/rBJnZlNlqaBGvVg9pzeLv5MhfYnvteFGDxALfKAKNqIpQYHsZ c0JynLFP+el/XMBS2pt8cJiD1xVhGS/G3eCGCUWTmPBmaMfLHcJeyxO8ZmLcDetN zLPWjCDgtqUWGtfKWTR643I1cu5IVD3w2/k+glXwy3spz5JiKl5tfAFodDSUi35m Yn54sbPQ5ohVqoUrSd7FzTzrgfVAZJVNjcqbG+3VGpnfscgn0dSsEiH2i2jTlOy7 Vxo15BHmFPpa4CuVsG/j =/As/ -----END PGP SIGNATURE-----
Current thread:
- bubblewrap LPE Sebastian Krahmer (Oct 12)
- Re: bubblewrap LPE cve-assign (Oct 13)
- Re: bubblewrap LPE Simon McVittie (Oct 13)