flatpak-1.8.5-5.el8
Errata ID: AXSA:2022-2960:02
Release date:
2022/01/15 Saturday - 00:45
Title:
flatpak-1.8.5-5.el8
Affected channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
The following issues have been addressed.
[Security Fix]
- Flatpak has a vulnerability in which a Flatpak application that connects directly to AF_UNIX sockets, such as those used by Wayland, Pipewire and pipewire-pulse, can deceive portals and host-OS services into treating the Flatpak application as an ordinary, non-sandboxed process. It does so by manipulating the VFS using recent mount system calls that are not blocked by Flatpak's denylist seccomp filter, in order to replace `/.flatpak-info` with a crafted file or remove it entirely. When a Flatpak application acts as a client of the AF_UNIX sockets used by Wayland, Pipewire or pipewire-pulse, it can therefore escalate the privileges that the corresponding service believes the Flatpak application has been granted.
(CVE-2021-41133)
Solution:
Update the packages.
CVE:
CVE-2021-41133
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak apps with direct access to AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other host-OS services into treating the Flatpak app as though it was an ordinary, non-sandboxed host-OS process. They can do this by manipulating the VFS using recent mount-related syscalls that are not blocked by Flatpak's denylist seccomp filter, in order to substitute a crafted `/.flatpak-info` or make that file disappear entirely. Flatpak apps that act as clients for AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can escalate the privileges that the corresponding services will believe the Flatpak app has. Note that protocols that operate entirely over the D-Bus session bus (user bus), system bus or accessibility bus are not affected by this. This is due to the use of a proxy process `xdg-dbus-proxy`, whose VFS cannot be manipulated by the Flatpak app, when interacting with these buses. Patches exist for versions 1.10.4 and 1.12.0, and as of time of publication, a patch for version 1.8.2 is being planned. There are no workarounds aside from upgrading to a patched version.
Additional information:
N/A
Downloads:
SRPMS
- flatpak-1.8.5-5.el8.src.rpm
MD5: cbb66f11da8688ef2b4710844101689b
SHA-256: 52fa6ee5bb8f4f7bb98b93b9732b6a19df5c42bc3f90d160f7b2a083c4c35961
Size: 1.39 MB
Asianux Server 8 for x86_64
- flatpak-1.8.5-5.el8.x86_64.rpm
MD5: 20346f44db561b2dac767bec28ad61f4
SHA-256: d69698c5673e452d9d33fb9cda8dd234ae40f8d12174cec1eb336604ac5b3662
Size: 1.60 MB
- flatpak-libs-1.8.5-5.el8.x86_64.rpm
MD5: 240849c27546bd0d9139c117ff1f9e10
SHA-256: c81e13acf706c24cc88aae96c331a80d6cfc8c18a442caff2b5aa5d2717f776e
Size: 438.82 kB
- flatpak-selinux-1.8.5-5.el8.noarch.rpm
MD5: 06d017696aa0efd3a5b0499dfbbc4ea0
SHA-256: 4a9b7b381ff51ae69a16220068d039740b150dd2a9da8cce6c9d1c862174fdf4
Size: 25.95 kB
- flatpak-session-helper-1.8.5-5.el8.x86_64.rpm
MD5: 0b328bb6511f61609b0dff925ab61265
SHA-256: b3203b742cde774d179962c4d46345c82c06547f9522f2aa0e0d42b11268d3e9
Size: 73.98 kB
- flatpak-libs-1.8.5-5.el8.i686.rpm
MD5: 0c9f7e52ef5f4ad01516e42713a805e1
SHA-256: 438cce84bc8de0f6025ec1f944c389f5677aad4d36d7b13002d2fb1d81d013e1
MD5: 0c9f7e52ef5f4ad01516e42713a805e1
SHA-256: 438cce84bc8de0f6025ec1f944c389f5677aad4d36d7b13002d2fb1d81d013e1
Size: 457.44 kB
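As an added example (not part of the advisory, and not a tool from the Asianux or Flatpak projects), the following POSIX shell helper checks each downloaded RPM against the SHA-256 digests listed above before installation. It assumes `sha256sum` (or `shasum`) is available and that it is run from the directory containing the downloaded files; the digests are copied from the download table.

```shell
#!/bin/sh
# Added example, not part of the advisory: verify downloaded RPMs against the
# SHA-256 digests published in the download list before installing them.

# Print the SHA-256 hex digest of a file; uses sha256sum, or shasum as fallback.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_sha256 <file> <expected-digest>: returns 0 on match, 1 otherwise.
verify_sha256() {
    file="$1"
    expected="$2"
    if [ ! -f "$file" ]; then
        echo "MISSING $file" >&2
        return 1
    fi
    actual=$(sha256_of "$file")
    if [ "$actual" = "$expected" ]; then
        echo "OK      $file"
        return 0
    fi
    echo "FAIL    $file (got $actual, expected $expected)" >&2
    return 1
}

# verify_advisory_rpms: checks every package from the advisory's download list
# (digests copied from the table above). Run from the directory holding the RPMs.
# Returns non-zero if any file is missing or does not match its digest.
verify_advisory_rpms() {
    status=0
    while read -r name digest; do
        [ -n "$name" ] || continue
        verify_sha256 "$name" "$digest" || status=1
    done <<'EOF'
flatpak-1.8.5-5.el8.src.rpm 52fa6ee5bb8f4f7bb98b93b9732b6a19df5c42bc3f90d160f7b2a083c4c35961
flatpak-1.8.5-5.el8.x86_64.rpm d69698c5673e452d9d33fb9cda8dd234ae40f8d12174cec1eb336604ac5b3662
flatpak-libs-1.8.5-5.el8.x86_64.rpm c81e13acf706c24cc88aae96c331a80d6cfc8c18a442caff2b5aa5d2717f776e
flatpak-selinux-1.8.5-5.el8.noarch.rpm 4a9b7b381ff51ae69a16220068d039740b150dd2a9da8cce6c9d1c862174fdf4
flatpak-session-helper-1.8.5-5.el8.x86_64.rpm b3203b742cde774d179962c4d46345c82c06547f9522f2aa0e0d42b11268d3e9
flatpak-libs-1.8.5-5.el8.i686.rpm 438cce84bc8de0f6025ec1f944c389f5677aad4d36d7b13002d2fb1d81d013e1
EOF
    return $status
}

# Run the full check only when invoked as: sh verify-flatpak-rpms.sh run
if [ "${1:-}" = "run" ]; then
    verify_advisory_rpms
fi
```

Any `FAIL` or `MISSING` line means the file should not be installed; re-download it from the advisory's channel and re-run the check. Only the SHA-256 values are compared; the MD5 values in the table are not used for verification.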