A vulnerability has been discovered when providing a custom shell as a parameter to the firejail bandwidth command. By making this custom shell ignore the -c (for command) option, an attacker can execute an arbitrary command to, for example, obtain a root shell.
A vulnerability has been discovered when providing a custom shell as a parameter to the firejail bandwidth command. By making this custom shell ignore the -c (for command) option, an attacker can execute an arbitrary command to, for example, obtain a root shell.
https://github.com/netblue30/firejail/issues/1023 https://github.com/netblue30/firejail/commit/5d43fdcd215203868d440ffc42036f5f5ffc89fc