20 Oct 2021
Vulnérabilité CVE-2021-42762 CVE Vulnerability
BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133. (CVSS:0.0) (Last Update:2021-10-20)
Vulnerability Details : BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133. Publish Date : 2021-10-20 Last Update Date : 2021-10-20 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2021-42762
- References For CVE-2021-42762
| |||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2021-42762There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |