New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE-2019-10063: incomplete TIOCSTI filtering, similar to snapd's CVE-2019-7303 #2782
Comments
|
I merged the PR and will do a release of 1.2.x and 1.0.x with this. @smcv can you do the CVE dance to get a number for this? |
|
CVE requested. I've assumed that versions >= 1.3.1, 1.2.x >= 1.2.4 and 1.0.x >= 1.0.8 will fix this. Are you going to do releases for any older branches? Debian stable still has 0.8.x (plus 1.2.x as an official backport) but I can backport the patch if the 0.8.x branch is no longer supported upstream. |
|
I'm only doing 1.0, 1.2, and 1.3 |
|
MITRE has allocated CVE-2019-10063. |
Fixes #112 See also: flatpak/flatpak#2782
Fixes #112 See also: flatpak/flatpak#2782
Fixes #112 See also: flatpak/flatpak#2782
Fixes #112 See also: flatpak/flatpak#2782
Fixes #112 See also: flatpak/flatpak#2782
On containers/bubblewrap#309, @wland32 wrote:
bubblewrap isn't directly affected, because it doesn't try to prevent TIOCSTI, but things like Flatpak that use bubblewrap might well be vulnerable to a very similar attack.
From the snapd advisory, USN-3917-1:
and from comments at the beginning of the snapd exploit:
If Flatpak is vulnerable, it will need its own CVE ID, because CVE-2019-7303 is for the snapd codebase.
The text was updated successfully, but these errors were encountered: