flatpak-1.12.9-1.el9_4
Errata ID: AXSA:2024-8421:05
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.
Security Fix(es):
* flatpak: sandbox escape via RequestBackground portal (CVE-2024-32462)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2024-32462
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8, a malicious or compromised Flatpak app could execute arbitrary code outside its sandbox. Normally, the `--command` argument of `flatpak run` expects to be given a command to run in the specified Flatpak app, optionally along with some arguments. However, it is possible to instead pass `bwrap` arguments to `--command=`, such as `--bind`. It is possible to pass an arbitrary `commandline` to the portal interface `org.freedesktop.portal.Background.RequestBackground` from within a Flatpak app. When this is converted into a `--command` and arguments, it achieves the same effect as passing arguments directly to `bwrap`, and thus can be used for a sandbox escape. The solution is to pass the `--` argument to `bwrap`, which makes it stop processing options. This has been supported since bubblewrap 0.3.0. All supported versions of Flatpak require at least that version of bubblewrap. xdg-desktop-portal version 1.18.4 mitigates this vulnerability by only allowing Flatpak apps to create .desktop files for commands that do not start with `--`. The vulnerability is patched in 1.15.8, 1.10.9, 1.12.9, and 1.14.6.
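The fix mechanism and the portal-side mitigation described above, as an added example that is not Flatpak's or xdg-desktop-portal's own code; the function names, the simplified bwrap argv layout and the sample paths are constructed for illustration, and the affected-version logic follows the branch list given in the CVE text:

```python
from typing import List, Sequence, Tuple

# Lowest fixed release on each Flatpak branch, as listed in the advisory.
PATCHED = {
    (1, 10): (1, 10, 9),
    (1, 12): (1, 12, 9),
    (1, 14): (1, 14, 6),
    (1, 15): (1, 15, 8),
}


def parse_version(version: str) -> Tuple[int, ...]:
    """'1.12.9-1.el9_4' -> (1, 12, 9): the RPM release suffix after '-' is dropped."""
    return tuple(int(part) for part in version.split("-", 1)[0].split("."))


def is_affected(version: str) -> bool:
    """True when the installed Flatpak predates the fix for CVE-2024-32462.

    A build at or above the fixed release of its own branch is safe; otherwise
    the CVE wording ('before 1.10.9, 1.12.9, 1.14.6 and 1.15.8') is read as:
    affected when older than the newest fixed release, 1.15.8 (assumption).
    """
    ver = parse_version(version)
    fixed = PATCHED.get(ver[:2])
    if fixed is not None and ver >= fixed:
        return False
    return ver < (1, 15, 8)


def build_bwrap_argv(sandbox_args: Sequence[str], command: Sequence[str],
                     fixed: bool) -> List[str]:
    """Lay out a bwrap command line the way `flatpak run --command=...` would.

    fixed=False models the pre-fix layout: the app command directly follows the
    sandbox options, so a command that itself begins with '--' is read by bwrap
    as further options. fixed=True inserts the '--' terminator (bubblewrap
    >= 0.3.0); every token after it is the command to run, never an option.
    """
    argv = ["bwrap", *sandbox_args]
    if fixed:
        argv.append("--")
    argv.extend(command)
    return argv


def portal_accepts_commandline(commandline: Sequence[str]) -> bool:
    """Model of the xdg-desktop-portal 1.18.4 mitigation: RequestBackground
    refuses to create an autostart entry whose command starts with '--'."""
    return bool(commandline) and not commandline[0].startswith("--")
```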
Update packages.
N/A
SRPMS
- flatpak-1.12.9-1.el9_4.src.rpm
MD5: 834f06dd1bdb5c2f1f3ec0c5f994fac3
SHA-256: ae4dd361dbd3fd9e06305bb408599d5e1663b7e45fe376988f865fa1a1f8399d
Size: 1.52 MB
Asianux Server 9 for x86_64
- flatpak-1.12.9-1.el9_4.i686.rpm
MD5: ae4b05556e1ea7e9c185b69dc31cc1e1
SHA-256: 448ac171155a6c737e1ef9f697bbcc953505d20fe6a46cf18a983b67e068b468
Size: 1.76 MB
- flatpak-1.12.9-1.el9_4.x86_64.rpm
MD5: a3260c4968684911a20af21c4bb9b5be
SHA-256: c32eb11ac6ba7972b3afd316a80c2121712e8ce2aa4894e39f9a4883e5362142
Size: 1.72 MB
- flatpak-devel-1.12.9-1.el9_4.i686.rpm
MD5: 0758174d092d5fc601cd79d9646a23e2
SHA-256: 3c57f8af8947fc3076e31f8a30a191fe4ab206b5aa597fcaf4a7ae948db738e0
Size: 117.49 kB
- flatpak-devel-1.12.9-1.el9_4.x86_64.rpm
MD5: c993112184bf89c2a049869749345808
SHA-256: 74f177277b83a46e8ce382482af1610e889a57df584e9f065496f267b881cccc
Size: 117.53 kB
- flatpak-libs-1.12.9-1.el9_4.i686.rpm
MD5: a0650cac261ba5b73a7bc8f62b98af54
SHA-256: 028de85ede4c46086ecba83b85d6bf961b9856e6ac4474ed081e65cc625f73b4
Size: 517.71 kB
- flatpak-libs-1.12.9-1.el9_4.x86_64.rpm
MD5: 3a7a03690fcc2473a064cd3d9e049191
SHA-256: d68507cd02dfea0fb272c4270f1e3a16d4220de9f90b16b588f7361b30797cd6
Size: 494.33 kB
- flatpak-selinux-1.12.9-1.el9_4.noarch.rpm
MD5: 9aaa9ee0f3649d26bdf3d6571895e987
SHA-256: d8faf125e20f7789e384661e10b5812efa9a2a3d85db333fe58883196d5a61f1
Size: 20.60 kB
- flatpak-session-helper-1.12.9-1.el9_4.i686.rpm
MD5: 5b431a84879267c083f51c0e5c3aabe8
SHA-256: 18b0ec19351efd2780782600605f409ffc09c4abcc76582a3334f627444c18b6
Size: 73.67 kB
- flatpak-session-helper-1.12.9-1.el9_4.x86_64.rpm
MD5: 9e5d5add61c6171396a68522869aa7dc
SHA-256: 519811facc2294091e7126d822b999dd6280665420b7c07967b44ac4c7ff1853
Size: 71.95 kB