CVE-2017-5226
CRITICAL10.0EPSS 10.4%發布日:2017/3/29修改日:2026/4/28
描述
When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the sandbox.
受影響套件(1)
- Debian/bubblewrapfrom 0, < 0.1.5-2
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL10.0 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |