Bug 2012245 (CVE-2021-41133)
| Field | Value | Field | Value |
|---|---|---|---|
| Summary | CVE-2021-41133 flatpak: Sandbox bypass via recent VFS-manipulating syscalls | | |
| Product | [Other] Security Response | Reporter | Guilherme de Almeida Suckevicz <gsuckevi> |
| Component | vulnerability | Assignee | Red Hat Product Security <security-response-team> |
| Status | CLOSED ERRATA | QA Contact | |
| Severity | high | Docs Contact | |
| Priority | high | | |
| Version | unspecified | CC | amigadave, debarshir, klember, mcatanza |
| Target Milestone | --- | Keywords | Security |
| Target Release | --- | | |
| Hardware | All | | |
| OS | Linux | | |
| Whiteboard | | | |
| Fixed In Version | flatpak 1.12.1 | Doc Type | If docs needed, set a value |
| Story Points | --- | | |
| Clone Of | | Environment | |
| Last Closed | 2021-11-01 14:07:50 UTC | Type | --- |
| Regression | --- | Mount Type | --- |
| Documentation | --- | CRM | |
| Verified Versions | | Category | --- |
| oVirt Team | --- | RHEL 7.3 requirements from Atomic Host | |
| Cloudforms Team | --- | Target Upstream Version | |
| Embargoed | | | |
| Bug Depends On | 2012246, 2012862, 2012864, 2012865, 2012866, 2012867, 2012868, 2012869 | | |
| Bug Blocks | 2012248 | | |

Doc Text:

A flaw was found in the flatpak package. It is susceptible to a software flaw that can deceive portals and other host-OS services into treating the flatpak app as an ordinary, non-sandboxed host-OS process. This flaw allows escalation to the privileges that those services presume the flatpak app has. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Description
Guilherme de Almeida Suckevicz 2021-10-08 16:19:32 UTC

Created flatpak tracking bugs for this issue:

Affects: fedora-all [bug 2012246]

As per link: https://github.com/flatpak/flatpak/security/advisories/GHSA-67h7-w3jq-vh4q

Patches

The short-term solution is to expand the deny-list of syscalls in the seccomp filter: e26ac75 89ae9fe 26b1248 a10f52a 9766ee0 4c34815 1330662 462fca2

This issue has been addressed in the following products:

Red Hat Enterprise Linux 8

Via RHSA-2021:4042 https://access.redhat.com/errata/RHSA-2021:4042

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-41133

This issue has been addressed in the following products:

Red Hat Enterprise Linux 7

Via RHSA-2021:4044 https://access.redhat.com/errata/RHSA-2021:4044

This issue has been addressed in the following products:

Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2021:4106 https://access.redhat.com/errata/RHSA-2021:4106

This issue has been addressed in the following products:

Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2021:4107 https://access.redhat.com/errata/RHSA-2021:4107