1. CVE-Search
  2. CVE-2021-26910
ID CVE-2021-26910
Summary Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation.
References
Vulnerable Configurations
  • cpe:2.3:a:firejail_project:firejail:-:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:-:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:-:*:*:*:*:wordpress:*:*
    cpe:2.3:a:firejail_project:firejail:-:*:*:*:*:wordpress:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.2:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.2:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.4:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.4:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.6:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.6:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.6:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.6:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.8:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.8:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.8:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.8:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.8.1:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.8.1:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.10:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.10:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.10:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.10:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.12:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.12:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.12:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.12:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.12.1:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.12.1:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.12.2:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.12.2:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.12.2:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.14:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.14:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.14:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.14:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.16:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.16:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.16:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.16:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.20:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.20:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.20:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.20:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.22:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.22:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.22:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.22:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.24:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.24:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.24:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.24:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.26:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.26:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.26:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.26:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.28:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.28:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.28:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.28:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.30:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.30:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.30:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.30:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.30:-:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.30:-:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.30:-:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.30:-:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.30:rc1:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.30:rc1:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.32:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.32:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.32:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.32:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.32:-:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.32:-:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.32:-:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.32:-:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.32:rc1:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.32:rc1:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.34:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.34:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.34:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.34:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.34:-:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.34:-:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.34:-:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.34:-:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.34:rc1:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.34:rc1:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.36:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.36:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.36:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.36:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.36:-:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.36:-:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.36:-:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.36:-:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.36:rc1:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.36:rc1:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38:*:*:*:lts:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38:*:*:*:lts:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38:-:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38:-:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38:-:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38:-:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38:rc1:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38:rc1:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38.2:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38.2:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38.2:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38.2:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38.2:*:*:*:lts:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38.2:*:*:*:lts:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38.4:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38.4:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38.4:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38.4:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38.4:*:*:*:lts:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38.4:*:*:*:lts:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38.6:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38.6:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38.6:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38.6:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38.6:*:*:*:lts:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38.6:*:*:*:lts:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38.8:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38.8:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38.8:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38.8:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38.8:*:*:*:lts:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38.8:*:*:*:lts:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38.10:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38.10:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38.10:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38.10:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38.12:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38.12:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.38.12:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.38.12:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.40:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.40:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.40:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.40:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.40:-:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.40:-:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.40:-:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.40:-:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.40:rc1:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.40:rc1:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.42:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.42:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.42:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.42:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.42:-:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.42:-:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.42:-:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.42:-:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.42:rc1:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.42:rc1:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.42:rc2:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.42:rc2:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.44:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.44:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.44:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.44:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.44:-:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.44:-:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.44:-:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.44:-:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.44:rc1:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.44:rc1:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.44.2:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.44.2:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.44.2:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.44.2:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.44.4:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.44.4:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.44.4:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.44.4:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.44.6:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.44.6:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.44.6:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.44.6:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.44.8:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.44.8:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.44.8:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.44.8:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.44.10:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.44.10:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.44.10:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.44.10:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.46:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.46:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.46:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.46:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.46:-:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.46:-:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.46:-:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.46:-:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.46:rc1:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.46:rc1:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.48:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.48:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.48:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.48:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.50:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.50:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.50:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.50:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.50:-:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.50:-:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.50:-:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.50:-:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.50:rc1:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.50:rc1:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.52:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.52:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.52:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.52:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.54:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.54:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.54:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.54:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.54:-:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.54:-:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.54:-:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.54:-:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.54:rc1:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.54:rc1:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.54:rc2:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.54:rc2:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.56:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.56:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.56:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.56:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.56:*:*:*:lts:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.56:*:*:*:lts:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.56:-:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.56:-:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.56:-:*:*:lts:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.56:-:*:*:lts:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.56:rc1:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.56:rc1:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.56.2:*:*:*:lts:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.56.2:*:*:*:lts:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.58:-:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.58:-:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.58:rc1:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.58:rc1:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.58.2:*:*:*:-:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.58.2:*:*:*:-:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.60:-:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.60:-:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.60:rc1:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.60:rc1:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.62:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.62:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.62.2:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.62.2:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.62.4:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.62.4:*:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.64:-:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.64:-:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.64:rc1:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.64:rc1:*:*:*:*:*:*
  • cpe:2.3:a:firejail_project:firejail:0.9.64.2:*:*:*:*:*:*:*
    cpe:2.3:a:firejail_project:firejail:0.9.64.2:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
CVSS
Base: 6.9 (as of 23-05-2022 - 22:01)
Impact:
Exploitability:
CWE CWE-367
CAPEC
  • Leveraging Race Conditions via Symbolic Links
    This attack leverages the use of symbolic links (Symlinks) in order to write to sensitive files. An attacker can create a Symlink link to a target file not otherwise accessible to her. When the privileged program tries to create a temporary file with the same name as the Symlink link, it will actually write to the target file pointed to by the attackers' Symlink link. If the attacker can insert malicious content in the temporary file she will be writing to the sensitive file by using the Symlink. The race occurs because the system checks if the temporary file exists, then creates the file. The attacker would typically create the Symlink during the interval between the check and the creation of the temporary file.
  • Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
    This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. A typical example is file access. The adversary can leverage a file access race condition by "running the race", meaning that they would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the adversary could replace or modify the file, causing the application to behave unexpectedly.
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:M/Au:N/C:C/I:C/A:C
Last major update 23-05-2022 - 22:01
Published 08-02-2021 - 20:15
Last modified 23-05-2022 - 22:01
Back to Top