公告ID: KYLIN-2019-8308
安全等级: 重要
产品: Kylin V3
发布日期: 2019年2月11日
CVE: CVE-2019-8308
CVSS3评分: 7.7
概述:
This flaw appears to impact systems in special cases involving installing flatpak applications and runtimes system-wide. Installation of flatpak applications and runtimes locally should not be impacted. 描述:
Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file. 系统版本:
KYLIN 3.3.x
受影响包列表:
flatpak