OUTSOURCED CYBERSECURITY SUPPORT AND MANAGED SERVICES

Vulnerability & Exploit Database

Vulnerabilities and exploits collected over reliable resources for security professionals and researchers to review

Red Hat: CVE-2021-21261: (Multiple Advisories)

Severity:
7
CVSS:
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published:
01/14/2020
Created:
02/02/2020
Added:
02/02/2020
Modified:
02/24/2020

Description:

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the `flatpak-portal` service that can allow sandboxed applications to execute arbitrary code on the host system (a sandbox escape). This sandbox-escape bug is present in versions from 0.11.4 and before fixed versions 1.8.5 and 1.10.0. The Flatpak portal D-Bus service (`flatpak-portal`, also known by its D-Bus service name `org.freedesktop.portal.Flatpak`) allows apps in a Flatpak sandbox to launch their own subprocesses in a new sandbox instance, either with the same security settings as the caller or with more restrictive security settings. For example, this is used in Flatpak-packaged web browsers such as Chromium to launch subprocesses that will process untrusted web content, and give those subprocesses a more restrictive sandbox than the browser itself. In vulnerable versions, the Flatpak portal service passes caller-specified environment variables to non-sandboxed processes on the host system, and in particular to the `flatpak run` command that is used to launch the new sandbox instance. A malicious or compromised Flatpak app could set environment variables that are trusted by the `flatpak run` command, and use them to execute arbitrary code that is not in a sandbox. As a workaround, this vulnerability can be mitigated by preventing the `flatpak-portal` service from starting, but that mitigation will prevent many Flatpak apps from working correctly. This is fixed in versions 1.8.5 and 1.10.0.'

Solution(s)


  • redhat-upgrade-flatpak
  • redhat-upgrade-flatpak-builder
  • redhat-upgrade-flatpak-debuginfo
  • redhat-upgrade-flatpak-debugsource
  • redhat-upgrade-flatpak-devel
  • redhat-upgrade-flatpak-libs
  • redhat-upgrade-flatpak-libs-debuginfo
  • redhat-upgrade-flatpak-selinux
  • redhat-upgrade-flatpak-session-helper
  • redhat-upgrade-flatpak-session-helper-debuginfo
  • redhat-upgrade-flatpak-tests-debuginfo

Reference(s)

  • DSA-4830
  • CVE-2021-21261
WHAT WE DO

OTHER SERVICES

Consulting Services

We help your team successfully protect your company within your budget.

LEARN MORE

Application Security Services

Achieve more-secure applications, compliant environments, and safer systems development with streamlined and repeatable processes.

LEARN MORE

Data Security Services

Protectyour critical data across multiple environments, meet privacy regulations and simplify operational complexity.

LEARN MORE

Cloud Security Testing Services

Identify cloud vulnerabilities that tools alone cannot find.

LEARN MORE

Security Risk Services

Secure your operations and respond to threats with accuracy and speed.

LEARN MORE

Cloud Security Monitoring Services

Real-time threat detection across your cloud deployments.

LEARN MORE