CVE-2022-31214

Published: 09/06/2022 Updated: 07/11/2023
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

A Privilege Context Switching issue exists in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user namespace, the NO_NEW_PRIVS prctl is not activated, and the entered mount namespace is under the attacker's control. In this way, the filesystem layout can be adjusted to gain root privileges through execution of available setuid-root binaries such as su or sudo.

Vulnerable Product

firejail project firejail 0.9.68

fedoraproject fedora 35

fedoraproject fedora 36

fedoraproject fedora 37

debian debian linux 9.0

debian debian linux 10.0

Vendor Advisories

Debian Bug report logs - #1012510: firejail: CVE-2022-31214: local root exploit reachable via --join logic. Package: src:firejail; Maintainer for src:firejail is Reiner Herrmann <reiner@reiner-h.de>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Wed, 8 Jun 2022 14:54:02 UTC; Severity: grave; Tags: security ...
Matthias Gerstner discovered that the --join option of Firejail, a sandbox to restrict an application environment, was susceptible to local privilege escalation to root. For the oldstable distribution (buster), this problem has been fixed in version 0.9.58.2-2+deb10u3. For the stable distribution (bullseye), this problem has been fixed in version 0 ...