Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could otherwise be used to inject commands into the controlling terminal so that they would be executed outside the sandbox after the sandboxed app exits. This fix was incomplete: on 64-bit platforms, the seccomp filter could be bypassed by an ioctl request number that has TIOCSTI in its 32 least significant bits and an arbitrary nonzero value in its 32 most significant bits, which the Linux kernel would treat as equivalent to TIOCSTI. Upstream issue: https://github.com/flatpak/flatpak/issues/2782
Created flatpak tracking bugs for this issue: Affects: fedora-all [bug 1695974]
Analysis: Flatpak uses bubblewrap for sandboxing applications. CVE-2017-5226 was found in bubblewrap: it allowed a sandboxed application to issue the TIOCSTI ioctl to push characters into the controlling terminal's input buffer, allowing an attacker to escape the sandbox (https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-5226). Flatpak addressed this by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, via the following commit: https://github.com/flatpak/flatpak/commit/902fb713990a8f968ea4350c7c2a27ff46f1a6c4 However, this fix was found to be insufficient. On 64-bit systems, a malicious application could bypass the seccomp filter by using an ioctl request number that has TIOCSTI as its least significant 32 bits and an arbitrary non-zero value in its most significant 32 bits. The kernel treats such a request as equivalent to TIOCSTI, while the filter, which compared the full 64-bit argument against TIOCSTI, did not match it. A sandboxed application inside a Flatpak could use this to execute commands on the host terminal, bypassing the sandbox.
Upstream patch: https://github.com/flatpak/flatpak/commit/a9107feeb4b8275b78965b36bf21b92d5724699e
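The analysis above comes down to a mismatch between what the filter compared and what the kernel looks at. The following is an added example, not Flatpak's or bubblewrap's code and not the upstream patch: it shows, as plain functions, why a full 64-bit equality test on the ioctl request misses a value with non-zero high bits, and it builds a raw seccomp-BPF program that compares only the low 32 bits of the second ioctl argument (the 32 bits the kernel's ioctl() actually consumes, since it takes cmd as unsigned int). It assumes Linux on x86_64 or aarch64 (little-endian), and all names prefixed DEMO_ and the function names are this example's own. The request value DEMO_BYPASS_REQUEST is constructed for the demonstration, and main() issues it against /dev/null, which is never a terminal, so nothing can be injected even if the filter were absent.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/ioctl.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

/* Assumption: little-endian x86_64 or aarch64; add other AUDIT_ARCH_* values as needed. */
#if defined(__x86_64__)
#  define DEMO_AUDIT_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#  define DEMO_AUDIT_ARCH AUDIT_ARCH_AARCH64
#else
#  error "add the AUDIT_ARCH_* value for this architecture"
#endif

/* On little-endian hosts the low 32 bits of a 64-bit syscall argument come first. */
#define DEMO_LOW_WORD_OFFSET(arg) (offsetof(struct seccomp_data, args[(arg)]))

/* Constructed value for the demo: TIOCSTI in the low 32 bits, non-zero high bits. */
#define DEMO_BYPASS_REQUEST ((1ULL << 32) | (uint64_t)(unsigned int)TIOCSTI)

/* The kernel's ioctl() takes the request as unsigned int, so the high 32 bits are dropped. */
unsigned int kernel_effective_cmd(uint64_t request) { return (unsigned int)request; }

/* Pre-fix style check: full 64-bit equality. Only an exact TIOCSTI value matches. */
int naive_equality_blocks(uint64_t request) { return request == (unsigned int)TIOCSTI; }

/* Fixed style check: compare only the 32 bits the kernel will use. */
int low_word_blocks(uint64_t request) { return (request & 0xFFFFFFFFu) == (unsigned int)TIOCSTI; }

/* Builds the BPF program: allow every syscall except an ioctl whose request's low
 * 32 bits equal TIOCSTI, which is failed with EPERM. Returns the instruction count;
 * with out == NULL it only reports the count, and returns 0 if cap is too small. */
size_t build_tiocsti_filter(struct sock_filter *out, size_t cap)
{
    const struct sock_filter prog[] = {
        /* Refuse to run under a foreign ABI, where syscall numbers differ. */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, DEMO_AUDIT_ARCH, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
        /* Anything other than ioctl() is allowed. */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_ioctl, 0, 3),
        /* Load only the low word of args[1]; the high word is deliberately ignored. */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, DEMO_LOW_WORD_OFFSET(1)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (unsigned int)TIOCSTI, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA)),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    size_t n = sizeof prog / sizeof prog[0];
    if (out != NULL) {
        if (cap < n) return 0;
        for (size_t i = 0; i < n; i++) out[i] = prog[i];
    }
    return n;
}

/* Installs the filter in the calling process. Returns 0 on success, -1 on failure. */
int install_tiocsti_filter(void)
{
    struct sock_filter insns[16];
    size_t n = build_tiocsti_filter(insns, sizeof insns / sizeof insns[0]);
    struct sock_fprog prog = { .len = (unsigned short)n, .filter = insns };
    if (n == 0) return -1;
    /* Required before PR_SET_SECCOMP for an unprivileged process. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) == 0 ? 0 : -1;
}

int main(void)
{
    int fd = open("/dev/null", O_RDWR);   /* never a tty: nothing can be injected */
    char ch = 'x';
    if (fd < 0 || install_tiocsti_filter() != 0) { perror("setup"); return 1; }
    errno = 0;
    ioctl(fd, (unsigned long)DEMO_BYPASS_REQUEST, &ch);
    int saved = errno;                    /* stdio may clobber errno below */
    printf("low-word check: %s; kernel sees cmd 0x%x; ioctl errno=%d (%s)\n",
           low_word_blocks(DEMO_BYPASS_REQUEST) ? "block" : "allow",
           kernel_effective_cmd(DEMO_BYPASS_REQUEST), saved,
           saved == EPERM ? "filter caught it" : "filter missed it");
    return saved == EPERM ? 0 : 1;
}
```

Without the filter, the same ioctl against /dev/null fails with ENOTTY rather than EPERM, so the exit status tells you whether the filter, not the target file, rejected the request. The detection-side lesson is the same one the fix applies: any seccomp rule on an ioctl request must compare the argument through a 0xFFFFFFFF mask (or load only the low word, as here), because an exact 64-bit comparison accepts every value the kernel will silently truncate to the blocked command.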
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:1024 https://access.redhat.com/errata/RHSA-2019:1024
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2019:1143 https://access.redhat.com/errata/RHSA-2019:1143
Statement: This flaw can be exploited by a malicious Flatpak application that includes code to exploit the incorrect handling of the TIOCSTI ioctl (AV:L). No special action is required of the attacker; having the exploit code in the application is enough to bypass the sandbox restrictions (AC:L). However, the application must be downloaded and run by the victim (PR:L). The flaw results in code being executed on the host system that is running the sandboxed application, so its impact extends beyond the sandboxed application itself (S:C). Lastly, in the worst case, where the Flatpak is run as root on the host system, this flaw can result in the malicious application running code as root on the host (CIA:H).