Sandbox Bypass Vulnerability in Linux Systems: File Truncation in Firefox < 55

Sandbox Bypass Vulnerability in Linux Systems: File Truncation in Firefox < 55

CVE-2017-7794 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no write permissions. Note: This attack only affects the Linux operating system. Other operating systems are not affected. This vulnerability affects Firefox < 55.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.