Bubblewrap Privilege Escalation Vulnerability in Setuid Mode via Ptrace
Vulnerability
A privilege escalation vulnerability has been identified in Bubblewrap versions 0.11.0 prior to 0.11.2, when installed in setuid mode. This vulnerability allows users to use ptrace to attach to Bubblewrap and manipulate the unprivileged part of the sandbox setup phase. As a result, attackers can arbitrarily execute privileged operations, particularly the 'overlay mount' operation, which is otherwise restricted in the setuid version of Bubblewrap. The issue has been patched in version 0.11.2.
Impact
Exploitation of this vulnerability allows for unauthorized privilege escalation by manipulating the sandbox setup phase, enabling the use of restricted privileged operations such as creating overlay mounts.
Remediation
Users should update to Bubblewrap version 0.11.2. Those using setuid mode should transition to a non-setuid version of Bubblewrap, as support for setuid will be removed in future releases.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.