Launchpad CVE tracker

CVE 2021-26910

Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation.

Related bugs and status

CVE-2021-26910 (Candidate) is related to these bugs:

Bug #1916767: firejail version in Ubuntu 20.04 LTS is vulnerable to CVE-2021-26910

Summary				In	Importance	Status
	1916767	firejail version in Ubuntu 20.04 LTS is vulnerable to CVE-2021-26910		firejail (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://github.com/net...
MISC: https://github.com/net...
MISC: https://unparalleled.e...
MISC: https://unparalleled.e...
MLIST: [oss-security] 2021020...
DEBIAN: DSA-4849
MLIST: [debian-lts-announce] ...
GENTOO: GLSA-202105-19

Launchpad.net

CVE 2021-26910

Related bugs and status

Related bugs

References