flatpak-1.8.5-5.el8

Errata ID: AXSA:2022-2960:02

Release date: Saturday, January 15, 2022 - 00:45
Subject: flatpak-1.8.5-5.el8
Affected Channels: Asianux Server 8 for x86_64
Severity: Moderate
Description: 

Flatpak is a system for building, distributing, and running sandboxed
desktop applications on Linux.

Bug Fix(es) and Enhancement(s):

* CVE-2021-41133 flatpak: sandbox bypass via recent VFS-manipulating syscalls

CVE-2021-41133
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak apps with direct access to AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other host-OS services into treating the Flatpak app as though it was an ordinary, non-sandboxed host-OS process. They can do this by manipulating the VFS using recent mount-related syscalls that are not blocked by Flatpak's denylist seccomp filter, in order to substitute a crafted `/.flatpak-info` or make that file disappear entirely. Flatpak apps that act as clients for AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can escalate the privileges that the corresponding services will believe the Flatpak app has. Note that protocols that operate entirely over the D-Bus session bus (user bus), system bus or accessibility bus are not affected by this. This is due to the use of a proxy process `xdg-dbus-proxy`, whose VFS cannot be manipulated by the Flatpak app, when interacting with these buses. Patches exist for versions 1.10.4 and 1.12.0, and as of time of publication, a patch for version 1.8.2 is being planned. There are no workarounds aside from upgrading to a patched version.

Solution: 

Update packages.
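
To confirm the update has landed on a host, the following added example (not part of the original advisory) compares the installed flatpak package builds against 1.8.5-5.el8. It assumes that build is the first fixed one for this channel and uses a simplified reimplementation of rpm's version comparison (no tilde or caret handling); the helper names are hypothetical.

```python
import re
import subprocess

# Fixed build and binary package names as listed in this advisory.
FIXED_EVR = "1.8.5-5.el8"
PACKAGES = ("flatpak", "flatpak-libs", "flatpak-selinux", "flatpak-session-helper")

_SEG = re.compile(r"[0-9]+|[A-Za-z]+")

def rpmvercmp(a, b):
    """Compare version or release strings segment by segment, as rpm does
    (simplified: no tilde/caret handling). Returns -1, 0 or 1."""
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            # A numeric segment always sorts newer than an alphabetic one.
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    # Shared segments are equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def split_evr(evr):
    """Split '[epoch:]version-release' into (epoch, version, release)."""
    epoch, _, rest = evr.rpartition(":")
    version, _, release = rest.partition("-")
    return int(epoch or 0), version, release

def is_fixed(installed_evr, fixed_evr=FIXED_EVR):
    """True if the installed build is the fixed build or newer."""
    ie, iv, ir = split_evr(installed_evr)
    fe, fv, fr = split_evr(fixed_evr)
    if ie != fe:
        return ie > fe
    return (rpmvercmp(iv, fv) or rpmvercmp(ir, fr)) >= 0

def installed_evrs(packages=PACKAGES):
    """Return [(name, evr)] from the rpm database; multilib installs give two rows."""
    qf = "%{NAME} %{EPOCHNUM}:%{VERSION}-%{RELEASE}\n"
    out = subprocess.run(["rpm", "-q", "--qf", qf, *packages],
                         capture_output=True, text=True).stdout
    # "package X is not installed" lines have more than two fields; skip them.
    return [tuple(p) for p in map(str.split, out.splitlines()) if len(p) == 2]

if __name__ == "__main__":
    for name, evr in installed_evrs():
        status = "fixed" if is_fixed(evr) else "older than the CVE-2021-41133 fix"
        print(f"{name} {evr}: {status}")
```

Running Flatpak apps keep the old binaries mapped until they are restarted, so a "fixed" result covers only apps launched after the update.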

Additional Info: 

N/A

Download: 

SRPMS
  1. flatpak-1.8.5-5.el8.src.rpm
    MD5: cbb66f11da8688ef2b4710844101689b
    SHA-256: 52fa6ee5bb8f4f7bb98b93b9732b6a19df5c42bc3f90d160f7b2a083c4c35961
    Size: 1.39 MB

Asianux Server 8 for x86_64
  1. flatpak-1.8.5-5.el8.x86_64.rpm
    MD5: 20346f44db561b2dac767bec28ad61f4
    SHA-256: d69698c5673e452d9d33fb9cda8dd234ae40f8d12174cec1eb336604ac5b3662
    Size: 1.60 MB
  2. flatpak-libs-1.8.5-5.el8.x86_64.rpm
    MD5: 240849c27546bd0d9139c117ff1f9e10
    SHA-256: c81e13acf706c24cc88aae96c331a80d6cfc8c18a442caff2b5aa5d2717f776e
    Size: 438.82 kB
  3. flatpak-selinux-1.8.5-5.el8.noarch.rpm
    MD5: 06d017696aa0efd3a5b0499dfbbc4ea0
    SHA-256: 4a9b7b381ff51ae69a16220068d039740b150dd2a9da8cce6c9d1c862174fdf4
    Size: 25.95 kB
  4. flatpak-session-helper-1.8.5-5.el8.x86_64.rpm
    MD5: 0b328bb6511f61609b0dff925ab61265
    SHA-256: b3203b742cde774d179962c4d46345c82c06547f9522f2aa0e0d42b11268d3e9
    Size: 73.98 kB
  5. flatpak-libs-1.8.5-5.el8.i686.rpm
    MD5: 0c9f7e52ef5f4ad01516e42713a805e1
    SHA-256: 438cce84bc8de0f6025ec1f944c389f5677aad4d36d7b13002d2fb1d81d013e1
    Size: 457.44 kB