CVE-2016-8659
Published
CVSS v3
N/A
CVSS v2
6.9
MEDIUM
Affected
1
PROJECT
Description
Bubblewrap before 0.1.3 sets the PR_SET_DUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket.
Low-level unprivileged sandboxing tool used by Flatpak and similar projects
GitHub