Oval Definition:
oval:com.ubuntu.artful:def:20175226000
Revision Date
:
2017-03-29
Version
:
1
Title
:
CVE-2017-5226 on Ubuntu 17.10 (artful) - medium.
Description
:
When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the sandbox.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2017-5226
Platform(s)
:
Ubuntu 17.10
Product(s)
:
Definition Synopsis
Ubuntu 17.10 (artful) is installed.
AND
The 'bubblewrap' package in artful is affected and needs fixing.
BACK