Unrated severityNVD Advisory· Published Feb 8, 2021· Updated Aug 3, 2024
CVE-2021-26910
CVE-2021-26910
Description
Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Firejail/Firejaildescription
Patches
Vulnerability mechanics
References
8- security.gentoo.org/glsa/202105-19mitrevendor-advisoryx_refsource_GENTOO
- www.debian.org/security/2021/dsa-4849mitrevendor-advisoryx_refsource_DEBIAN
- www.openwall.com/lists/oss-security/2021/02/09/1mitremailing-listx_refsource_MLIST
- github.com/netblue30/firejail/commit/97d8a03cad19501f017587cc4e47d8418273834bmitrex_refsource_MISC
- github.com/netblue30/firejail/releases/tag/0.9.64.4mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2021/02/msg00015.htmlmitremailing-listx_refsource_MLIST
- unparalleled.eu/blog/2021/20210208-rigged-race-against-firejail-for-local-root/mitrex_refsource_MISC
- unparalleled.eu/publications/2021/advisory-unpar-2021-0.txtmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.