Bypassing Seccomp-based Sandbox Protection in Firejail

Bypassing Seccomp-based Sandbox Protection in Firejail

CVE-2017-5206 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.