Bug 1695973 (CVE-2019-10063) - CVE-2019-10063 flatpak: Sandbox bypass via IOCSTI (incomplete fix for CVE-2017-5226)
Summary: CVE-2019-10063 flatpak: Sandbox bypass via IOCSTI (incomplete fix for CVE-201...
Alias: CVE-2019-10063
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 1695974 1700651 1700652 1700653 1700654
Blocks: 1695975
TreeView+ depends on / blocked
Reported: 2019-04-04 00:45 UTC by Pedro Sampaio
Modified: 2021-02-16 22:09 UTC (History)
2 users (show)

Fixed In Version: flatpak 1.3.2
Doc Type: If docs needed, set a value
Doc Text:
An incomplete fix for CVE-2017-5226 was found in flatpak. A sandbox bypass flaw was found in the way bubblewrap, which is used for sandboxing flatpak applications handled the TIOCSTI ioctl. A malicious flatpak application could use this flaw to inject commands into the controlled terminal of the host after the flatpak applications exits. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Clone Of:
Last Closed: 2019-06-10 10:53:18 UTC

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2019:1024 0 None None None 2019-05-07 18:06:11 UTC
Red Hat Product Errata RHSA-2019:1143 0 None None None 2019-05-13 05:03:09 UTC

Description Pedro Sampaio 2019-04-04 00:45:27 UTC
Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could otherwise be used to inject commands into the controlling terminal so that they would be executed outside the sandbox after the sandboxed app exits. This fix was incomplete: on 64-bit platforms, the seccomp filter could be bypassed by an ioctl request number that has TIOCSTI in its 32 least significant bits and an arbitrary nonzero value in its 32 most significant bits, which the Linux kernel would treat as equivalent to TIOCSTI.

Upstream issue:


Comment 1 Pedro Sampaio 2019-04-04 00:45:38 UTC
Created flatpack tracking bugs for this issue:

Affects: fedora-all [bug 1695974]

Comment 2 Huzaifa S. Sidhpurwala 2019-04-17 05:02:28 UTC

Flatpak uses bubblewrap for sandboxing applications. CVE-2017-5226 was found in bubblewrap which would allow sandboxed application to issue TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the sandbox. (https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-5226).

This issue was however fixed in flatpak by using seccomp filter to prevent sandboxed apps from using the TIOCSTI ioclt via the following commit:

However it was found that this commit/security fix was not enough to fix the issue. On 64-bit systems, the seccomp filter could be bypassed by a malicious application by setting using an IOCTL request number that has TIOCSTI as its least significant 32-bits and using an arbitrary non-zero value in its most significant 32-bit. The kernel would treat this as equivalent to TIOCSTI.

Sandboxed applications inside flatpaks could use this to bypass the sandbox and execute commands on the host terminals, therefore bypassing the sandbox.

Comment 4 Huzaifa S. Sidhpurwala 2019-04-17 05:21:00 UTC
Upstream patch: https://github.com/flatpak/flatpak/commit/a9107feeb4b8275b78965b36bf21b92d5724699e

Comment 6 errata-xmlrpc 2019-05-07 18:06:10 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2019:1024 https://access.redhat.com/errata/RHSA-2019:1024

Comment 7 errata-xmlrpc 2019-05-13 05:03:08 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2019:1143 https://access.redhat.com/errata/RHSA-2019:1143

Comment 8 Eric Christensen 2020-04-28 21:04:04 UTC

This flaw can be exploited by malicious flatpak applications which include the code to exploit the wrong handling of the TIOCSTI ioctl (AV:L). No special action is needed to be performed by the attacker just having the exploit code should be enough for bypassing the sandbox restrictions (AC:L), Also the applications needs to be downloaded and run by the victim (PR:L). The flaw results in code being executed on the host system which is running the sandboxed application therefore this affects the host beyond the sandboxed application (S:C). Lastly considering the worst scenario in which the flatpak is run as root on the host system, this flaw can result in the malicious application running code as root on the host system (CIA:H).

Note You need to log in before you can comment on or make changes to this bug.