Critical severity10.0NVD Advisory· Published Mar 29, 2017· Updated Jun 17, 2026
CVE-2017-5226
CVE-2017-5226
Description
When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the sandbox.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:projectatomic:bubblewrap:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:projectatomic:bubblewrap:*:*:*:*:*:*:*:*range: <=0.1.5
- (no CPE)
- osv-coords2 versionspkg:rpm/opensuse/bubblewrap&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/flatpak&distro=openSUSE%20Tumbleweed
< 0.5.0-1.1+ 1 more
- (no CPE)range: < 0.5.0-1.1
- (no CPE)range: < 1.11.3-1.2
Patches
Vulnerability mechanics
References
7- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatch
- github.com/projectatomic/bubblewrap/commit/d7fc532c42f0e9bf427923bab85433282b3e5117nvdPatch
- github.com/projectatomic/bubblewrap/issues/142nvdExploitPatchVendor Advisory
- www.securityfocus.com/bid/97260nvdThird Party AdvisoryVDB Entry
- www.openwall.com/lists/oss-security/2020/07/10/1nvd
- www.openwall.com/lists/oss-security/2023/03/17/1nvd
- www.openwall.com/lists/oss-security/2023/03/14/2nvd
News mentions
0No linked articles in our index yet.