First published: Thu Sep 05 2024(Updated: )
Bubblewrap (/usr/bin/bwrap) is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces.<br>Security Fix(es):<br><li> flatpak: Access to files outside sandbox for apps using persistent= (--persist) (CVE-2024-42472)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
Red Hat Red Hat Enterprise Linux Server - AUS | ||
redhat/bubblewrap | <0.4.0-2.el8_2 | 0.4.0-2.el8_2 |
redhat/flatpak | <1.6.2-9.el8_2 | 1.6.2-9.el8_2 |
redhat/bubblewrap | <0.4.0-2.el8_2 | 0.4.0-2.el8_2 |
redhat/bubblewrap-debuginfo | <0.4.0-2.el8_2 | 0.4.0-2.el8_2 |
redhat/bubblewrap-debugsource | <0.4.0-2.el8_2 | 0.4.0-2.el8_2 |
redhat/flatpak | <1.6.2-9.el8_2 | 1.6.2-9.el8_2 |
redhat/flatpak-debuginfo | <1.6.2-9.el8_2 | 1.6.2-9.el8_2 |
redhat/flatpak-debuginfo | <1.6.2-9.el8_2 | 1.6.2-9.el8_2 |
redhat/flatpak-debugsource | <1.6.2-9.el8_2 | 1.6.2-9.el8_2 |
redhat/flatpak-debugsource | <1.6.2-9.el8_2 | 1.6.2-9.el8_2 |
redhat/flatpak-libs | <1.6.2-9.el8_2 | 1.6.2-9.el8_2 |
redhat/flatpak-libs | <1.6.2-9.el8_2 | 1.6.2-9.el8_2 |
redhat/flatpak-libs-debuginfo | <1.6.2-9.el8_2 | 1.6.2-9.el8_2 |
redhat/flatpak-libs-debuginfo | <1.6.2-9.el8_2 | 1.6.2-9.el8_2 |
redhat/flatpak-selinux | <1.6.2-9.el8_2 | 1.6.2-9.el8_2 |
redhat/flatpak-session-helper | <1.6.2-9.el8_2 | 1.6.2-9.el8_2 |
redhat/flatpak-session-helper-debuginfo | <1.6.2-9.el8_2 | 1.6.2-9.el8_2 |
redhat/flatpak-session-helper-debuginfo | <1.6.2-9.el8_2 | 1.6.2-9.el8_2 |
redhat/flatpak-tests-debuginfo | <1.6.2-9.el8_2 | 1.6.2-9.el8_2 |
redhat/flatpak-tests-debuginfo | <1.6.2-9.el8_2 | 1.6.2-9.el8_2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.