|Category:||Debian Local Security Checks|
|Title:||Debian: Security Advisory for firejail (DSA-4742-1)|
|Summary:||The remote host is missing an update for the 'firejail'; package(s) announced via the DSA-4742-1 advisory.|
The remote host is missing an update for the 'firejail'
package(s) announced via the DSA-4742-1 advisory.
Tim Starling discovered two vulnerabilities in firejail, a sandbox
program to restrict the running environment of untrusted applications.
It was reported that firejail does not respect the end-of-options
separator ('--'), allowing an attacker with control over the command
line options of the sandboxed application, to write data to a
It was reported that firejail when redirecting output via --output
or --output-stderr, concatenates all command line arguments into a
single string that is passed to a shell. An attacker who has control
over the command line arguments of the sandboxed application could
take advantage of this flaw to run run arbitrary other commands.
'firejail' package(s) on Debian Linux.
For the stable distribution (buster), these problems have been fixed in
We recommend that you upgrade your firejail packages.
Common Vulnerability Exposure (CVE) ID: CVE-2020-17367|
Common Vulnerability Exposure (CVE) ID: CVE-2020-17368
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.