Candidate: CVE-2016-10122
PublicDate: 2017-04-13 14:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10122
 http://www.openwall.com/lists/oss-security/2017/01/05/4
 https://github.com/netblue30/firejail/commit/3b81e1f2c331644ced87d26a943b22eed6242b8f
 https://github.com/netblue30/firejail/commit/72bc0e145c67da24e555d868086953148c52b5fc
Description:
 Firejail does not properly clean environment variables, which allows local
 users to gain privileges.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H [7.8 HIGH]

Patches_firejail:
upstream_firejail: released (0.9.44.2-1)
precise_firejail: DNE
precise/esm_firejail: DNE
trusty_firejail: DNE
trusty/esm_firejail: DNE
vivid/stable-phone-overlay_firejail: DNE
vivid/ubuntu-core_firejail: DNE
xenial_firejail: ignored (end of standard support, was needed)
yakkety_firejail: ignored (reached end-of-life)
zesty_firejail: not-affected (0.9.44.2-2)
artful_firejail: not-affected (0.9.44.2-2)
bionic_firejail: not-affected (0.9.44.2-2)
cosmic_firejail: not-affected (0.9.44.2-2)
disco_firejail: not-affected (0.9.44.2-2)
eoan_firejail: not-affected (0.9.44.2-2)
focal_firejail: not-affected (0.9.44.2-2)
groovy_firejail: not-affected (0.9.44.2-2)
hirsute_firejail: not-affected (0.9.44.2-2)
impish_firejail: not-affected (0.9.44.2-2)
jammy_firejail: not-affected (0.9.44.2-2)
devel_firejail: not-affected (0.9.44.2-2)