First published: Thu Apr 04 2019(Updated: )
bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories in /tmp as a mount point. In some particular configurations (related to XDG_RUNTIME_DIR), a local attacker may abuse this flaw to prevent other users from executing bubblewrap or potentially execute code.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/bubblewrap | <0.3.3 | 0.3.3 |
Projectatomic Bubblewrap | <0.3.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.