CVE-2021-26910
HIGH7.0EPSS 0.05%firejail - security update
發布日:2021/2/8修改日:2026/4/28
描述
Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation.
受影響套件(3)
- Debian/firejailfrom 0, < 0.9.64.4-1
- Debian/firejailfrom 0, < 0.9.44.8-2+deb9u2
- Debian/firejailfrom 0, < 0.9.58.2-2+deb10u2
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.0 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |