CVE-2018-6560

Posted on 2018년 2월 2일2018년 2월 3일 by admin

CVE-2018-6560

In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon.

Source: CVE-2018-6560

답글 남기기 응답 취소