#45608 – Имеется незакрытая уязвимость CVE-2022-31214 (was fixed in 0.9.70)

Bug 45608 - Имеется незакрытая уязвимость CVE-2022-31214 (was fixed in 0.9.70)

Summary: Имеется незакрытая уязвимость CVE-2022-31214 (was fixed in 0.9.70)

Status:	CLOSED FIXED

Alias:	None

Product:	Branch p10
Classification:	Unclassified
Component:	firejail (show other bugs)
Version:	не указана
Hardware:	x86_64 Linux

Importance:	P5 normal
Assignee:	qa-team@altlinux.org
QA Contact:	qa-p10@altlinux.org

URL:
Keywords:

Depends on:
Blocks:

Reported:	2023-03-21 15:10 MSK by Alexander
Modified:	2023-04-03 14:46 MSK (History)
CC List:	2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexander 2023-03-21 15:10:04 MSK

CVE-2022-31214 - root escalation in --join logic
    Reported by  Matthias Gerstner, working exploit code was provided to our
    development team. In the same time frame, the problem was independently

В актуальной версии приложения уязвимость закрыта

Comment 1 Alexander 2023-03-21 15:11:16 MSK

  * security: CVE-2022-31214 - root escalation in --join logic
    Reported by  Matthias Gerstner, working exploit code was provided to our
    development team. In the same time frame, the problem was independently
    reported by Birk Blechschmidt. Full working exploit code was also provided.

Comment 2 Alexander Makeenkov 2023-04-03 14:46:48 MSK

Обновлено в задании https://packages.altlinux.org/ru/tasks/317165/