{"api_version":"1","generated_at":"2026-04-12T00:32:01+00:00","cve":"CVE-2021-41133","urls":{"html":"https://cve.report/CVE-2021-41133","api":"https://cve.report/api/cve/CVE-2021-41133.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-41133","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-41133"},"summary":{"title":"CVE-2021-41133","description":"Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak apps with direct access to AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other host-OS services into treating the Flatpak app as though it was an ordinary, non-sandboxed host-OS process. They can do this by manipulating the VFS using recent mount-related syscalls that are not blocked by Flatpak's denylist seccomp filter, in order to substitute a crafted `/.flatpak-info` or make that file disappear entirely. Flatpak apps that act as clients for AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can escalate the privileges that the corresponding services will believe the Flatpak app has. Note that protocols that operate entirely over the D-Bus session bus (user bus), system bus or accessibility bus are not affected by this. This is due to the use of a proxy process `xdg-dbus-proxy`, whose VFS cannot be manipulated by the Flatpak app, when interacting with these buses. Patches exist for versions 1.10.4 and 1.12.0, and as of time of publication, a patch for version 1.8.2 is being planned. There are no workarounds aside from upgrading to a patched version.","state":"PUBLIC","assigner":"security-advisories@github.com","published_at":"2021-10-08 14:15:00","updated_at":"2023-12-23 10:15:00"},"problem_types":["NVD-CWE-Other"],"metrics":[],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5DKCYRC6MFSTFCUP4DELCOUUP3SFEFX/","name":"FEDORA-2021-c5a9c85737","refsource":"","tags":[],"title":"[SECURITY] Fedora 33 Update: flatpak-1.10.5-1.fc33 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/flatpak/flatpak/commit/26b12484eb8a6219b9e7aa287b298a894b2f34ca","name":"https://github.com/flatpak/flatpak/commit/26b12484eb8a6219b9e7aa287b298a894b2f34ca","refsource":"MISC","tags":[],"title":"common: Add a list of recently-added Linux syscalls · flatpak/flatpak@26b1248 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/flatpak/flatpak/commit/89ae9fe74c6d445bb1b3a40e568d77cf5de47e48","name":"https://github.com/flatpak/flatpak/commit/89ae9fe74c6d445bb1b3a40e568d77cf5de47e48","refsource":"MISC","tags":[],"title":"run: Add cross-references for some other seccomp syscall filters · flatpak/flatpak@89ae9fe · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/flatpak/flatpak/commit/1330662f33a55e88bfe18e76de28b7922d91a999","name":"https://github.com/flatpak/flatpak/commit/1330662f33a55e88bfe18e76de28b7922d91a999","refsource":"MISC","tags":[],"title":"run: Don't allow unmounting filesystems · flatpak/flatpak@1330662 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/flatpak/flatpak/commit/9766ee05b1425db397d2cf23afd24c7f6146a69f","name":"https://github.com/flatpak/flatpak/commit/9766ee05b1425db397d2cf23afd24c7f6146a69f","refsource":"MISC","tags":[],"title":"run: Disallow recently-added mount-manipulation syscalls · flatpak/flatpak@9766ee0 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T5DKCYRC6MFSTFCUP4DELCOUUP3SFEFX/","name":"FEDORA-2021-c5a9c85737","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 33 Update: flatpak-1.10.5-1.fc33 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.debian.org/security/2021/dsa-4984","name":"DSA-4984","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-4984-1 flatpak","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/flatpak/flatpak/commit/e26ac7586c392b5eb35ff4609fe232c52523b2cf","name":"https://github.com/flatpak/flatpak/commit/e26ac7586c392b5eb35ff4609fe232c52523b2cf","refsource":"MISC","tags":[],"title":"run: Add an errno value to seccomp filters · flatpak/flatpak@e26ac75 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/flatpak/flatpak/commit/462fca2c666e0cd2b60d6d2593a7216a83047aaf","name":"https://github.com/flatpak/flatpak/commit/462fca2c666e0cd2b60d6d2593a7216a83047aaf","refsource":"MISC","tags":[],"title":"run: Don't allow chroot() · flatpak/flatpak@462fca2 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/flatpak/flatpak/security/advisories/GHSA-67h7-w3jq-vh4q","name":"https://github.com/flatpak/flatpak/security/advisories/GHSA-67h7-w3jq-vh4q","refsource":"CONFIRM","tags":[],"title":"CVE-2021-41133: Sandbox bypass via recent VFS-manipulating syscalls · Advisory · flatpak/flatpak · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2021/10/26/9","name":"[oss-security] 20211026 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006","refsource":"MLIST","tags":[],"title":"oss-security - WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/flatpak/flatpak/commit/a10f52a7565c549612c92b8e736a6698a53db330","name":"https://github.com/flatpak/flatpak/commit/a10f52a7565c549612c92b8e736a6698a53db330","refsource":"MISC","tags":[],"title":"run: Block clone3() in sandbox · flatpak/flatpak@a10f52a · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/flatpak/flatpak/commit/4c34815784e9ffda5733225c7d95824f96375e36","name":"https://github.com/flatpak/flatpak/commit/4c34815784e9ffda5733225c7d95824f96375e36","refsource":"MISC","tags":[],"title":"run: Block setns() · flatpak/flatpak@4c34815 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.gentoo.org/glsa/202312-12","name":"GLSA-202312-12","refsource":"","tags":[],"title":"Flatpak: Multiple Vulnerabilities (GLSA 202312-12) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5656ONDP2MGKIJMKEC7N2NXCV27WGTC/","name":"FEDORA-2021-4b201d15e6","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 34 Update: flatpak-1.10.5-1.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5656ONDP2MGKIJMKEC7N2NXCV27WGTC/","name":"FEDORA-2021-4b201d15e6","refsource":"","tags":[],"title":"[SECURITY] Fedora 34 Update: flatpak-1.10.5-1.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-41133","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-41133","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"41133","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"11.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"41133","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"33","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"41133","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"34","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"41133","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"flatpak","cpe5":"flatpak","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-41133","qid":"159441","title":"Oracle Enterprise Linux Security Update for flatpak (ELSA-2021-4042)"},{"cve":"CVE-2021-41133","qid":"159442","title":"Oracle Enterprise Linux Security Update for flatpak (ELSA-2021-4044)"},{"cve":"CVE-2021-41133","qid":"178821","title":"Debian Security Update for flatpak (DSA 4984-1)"},{"cve":"CVE-2021-41133","qid":"182702","title":"Debian Security Update for flatpak (CVE-2021-41133)"},{"cve":"CVE-2021-41133","qid":"198605","title":"Ubuntu Security Notification for Flatpak Vulnerability (USN-5191-1)"},{"cve":"CVE-2021-41133","qid":"239746","title":"Red Hat Update for flatpak (RHSA-2021:4044)"},{"cve":"CVE-2021-41133","qid":"239747","title":"Red Hat Update for flatpak (RHSA-2021:4042)"},{"cve":"CVE-2021-41133","qid":"239763","title":"Red Hat Update for flatpak (RHSA-2021:4107)"},{"cve":"CVE-2021-41133","qid":"239770","title":"Red Hat Update for flatpak (RHSA-2021:4106)"},{"cve":"CVE-2021-41133","qid":"257125","title":"CentOS Security Update for flatpak (CESA-2021:4044)"},{"cve":"CVE-2021-41133","qid":"281974","title":"Fedora Security Update for flatpak (FEDORA-2021-4b201d15e6)"},{"cve":"CVE-2021-41133","qid":"282022","title":"Fedora Security Update for flatpak (FEDORA-2021-c5a9c85737)"},{"cve":"CVE-2021-41133","qid":"296061","title":"Oracle Solaris 11.4 Support Repository Update (SRU) 42.113.1 Missing (CPUJAN2022)"},{"cve":"CVE-2021-41133","qid":"355398","title":"Amazon Linux Security Advisory for flatpak : ALAS2-2023-2076"},{"cve":"CVE-2021-41133","qid":"376874","title":"Alibaba Cloud Linux Security Update for flatpak (ALINUX2-SA-2021:0063)"},{"cve":"CVE-2021-41133","qid":"377096","title":"Alibaba Cloud Linux Security Update for flatpak (ALINUX3-SA-2021:0075)"},{"cve":"CVE-2021-41133","qid":"501849","title":"Alpine Linux Security Update for flatpak"},{"cve":"CVE-2021-41133","qid":"502083","title":"Alpine Linux Security Update for flatpak"},{"cve":"CVE-2021-41133","qid":"671162","title":"EulerOS Security Update for flatpak (EulerOS-SA-2021-2799)"},{"cve":"CVE-2021-41133","qid":"710812","title":"Gentoo Linux Flatpak Multiple Vulnerabilities (GLSA 202312-12)"},{"cve":"CVE-2021-41133","qid":"751256","title":"OpenSUSE Security Update for flatpak (openSUSE-SU-2021:3472-1)"},{"cve":"CVE-2021-41133","qid":"751305","title":"OpenSUSE Security Update for flatpak (openSUSE-SU-2021:1400-1)"},{"cve":"CVE-2021-41133","qid":"752593","title":"SUSE Enterprise Linux Security Update for flatpak (SUSE-SU-2022:3284-1)"},{"cve":"CVE-2021-41133","qid":"752628","title":"SUSE Enterprise Linux Security Update for flatpak (SUSE-SU-2022:3439-1)"},{"cve":"CVE-2021-41133","qid":"940169","title":"AlmaLinux Security Update for flatpak (ALSA-2021:4042)"},{"cve":"CVE-2021-41133","qid":"960040","title":"Rocky Linux Security Update for flatpak (RLSA-2021:4042)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security-advisories@github.com","ID":"CVE-2021-41133","STATE":"PUBLIC","TITLE":"Sandbox bypass via recent VFS-manipulating syscalls"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"flatpak","version":{"version_data":[{"version_value":">= 1.8.0, <= 1.8.2"},{"version_value":">= 1.10.0, < 1.10.4"},{"version_value":">= 1.11.0, < 1.12.0"}]}}]},"vendor_name":"flatpak"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak apps with direct access to AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other host-OS services into treating the Flatpak app as though it was an ordinary, non-sandboxed host-OS process. They can do this by manipulating the VFS using recent mount-related syscalls that are not blocked by Flatpak's denylist seccomp filter, in order to substitute a crafted `/.flatpak-info` or make that file disappear entirely. Flatpak apps that act as clients for AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can escalate the privileges that the corresponding services will believe the Flatpak app has. Note that protocols that operate entirely over the D-Bus session bus (user bus), system bus or accessibility bus are not affected by this. This is due to the use of a proxy process `xdg-dbus-proxy`, whose VFS cannot be manipulated by the Flatpak app, when interacting with these buses. Patches exist for versions 1.10.4 and 1.12.0, and as of time of publication, a patch for version 1.8.2 is being planned. There are no workarounds aside from upgrading to a patched version."}]},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-20: Improper Input Validation"}]}]},"references":{"reference_data":[{"name":"https://github.com/flatpak/flatpak/security/advisories/GHSA-67h7-w3jq-vh4q","refsource":"CONFIRM","url":"https://github.com/flatpak/flatpak/security/advisories/GHSA-67h7-w3jq-vh4q"},{"name":"https://github.com/flatpak/flatpak/commit/1330662f33a55e88bfe18e76de28b7922d91a999","refsource":"MISC","url":"https://github.com/flatpak/flatpak/commit/1330662f33a55e88bfe18e76de28b7922d91a999"},{"name":"https://github.com/flatpak/flatpak/commit/26b12484eb8a6219b9e7aa287b298a894b2f34ca","refsource":"MISC","url":"https://github.com/flatpak/flatpak/commit/26b12484eb8a6219b9e7aa287b298a894b2f34ca"},{"name":"https://github.com/flatpak/flatpak/commit/462fca2c666e0cd2b60d6d2593a7216a83047aaf","refsource":"MISC","url":"https://github.com/flatpak/flatpak/commit/462fca2c666e0cd2b60d6d2593a7216a83047aaf"},{"name":"https://github.com/flatpak/flatpak/commit/4c34815784e9ffda5733225c7d95824f96375e36","refsource":"MISC","url":"https://github.com/flatpak/flatpak/commit/4c34815784e9ffda5733225c7d95824f96375e36"},{"name":"https://github.com/flatpak/flatpak/commit/89ae9fe74c6d445bb1b3a40e568d77cf5de47e48","refsource":"MISC","url":"https://github.com/flatpak/flatpak/commit/89ae9fe74c6d445bb1b3a40e568d77cf5de47e48"},{"name":"https://github.com/flatpak/flatpak/commit/9766ee05b1425db397d2cf23afd24c7f6146a69f","refsource":"MISC","url":"https://github.com/flatpak/flatpak/commit/9766ee05b1425db397d2cf23afd24c7f6146a69f"},{"name":"https://github.com/flatpak/flatpak/commit/a10f52a7565c549612c92b8e736a6698a53db330","refsource":"MISC","url":"https://github.com/flatpak/flatpak/commit/a10f52a7565c549612c92b8e736a6698a53db330"},{"name":"https://github.com/flatpak/flatpak/commit/e26ac7586c392b5eb35ff4609fe232c52523b2cf","refsource":"MISC","url":"https://github.com/flatpak/flatpak/commit/e26ac7586c392b5eb35ff4609fe232c52523b2cf"},{"refsource":"FEDORA","name":"FEDORA-2021-4b201d15e6","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5656ONDP2MGKIJMKEC7N2NXCV27WGTC/"},{"refsource":"DEBIAN","name":"DSA-4984","url":"https://www.debian.org/security/2021/dsa-4984"},{"refsource":"MLIST","name":"[oss-security] 20211026 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006","url":"http://www.openwall.com/lists/oss-security/2021/10/26/9"},{"refsource":"FEDORA","name":"FEDORA-2021-c5a9c85737","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T5DKCYRC6MFSTFCUP4DELCOUUP3SFEFX/"}]},"source":{"advisory":"GHSA-67h7-w3jq-vh4q","discovery":"UNKNOWN"}},"nvd":{"publishedDate":"2021-10-08 14:15:00","lastModifiedDate":"2023-12-23 10:15:00","problem_types":["NVD-CWE-Other"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":4.6},"severity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:flatpak:flatpak:*:*:*:*:*:*:*:*","versionStartIncluding":"1.10.0","versionEndExcluding":"1.10.4","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:flatpak:flatpak:*:*:*:*:*:*:*:*","versionEndExcluding":"1.8.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:flatpak:flatpak:*:*:*:*:*:*:*:*","versionStartIncluding":"1.11.1","versionEndExcluding":"1.12.1","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"41133","Ordinal":"216899","Title":"CVE-2021-41133","CVE":"CVE-2021-41133","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"41133","Ordinal":"1","NoteData":"Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak apps with direct access to AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other host-OS services into treating the Flatpak app as though it was an ordinary, non-sandboxed host-OS process. They can do this by manipulating the VFS using recent mount-related syscalls that are not blocked by Flatpak's denylist seccomp filter, in order to substitute a crafted `/.flatpak-info` or make that file disappear entirely. Flatpak apps that act as clients for AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can escalate the privileges that the corresponding services will believe the Flatpak app has. Note that protocols that operate entirely over the D-Bus session bus (user bus), system bus or accessibility bus are not affected by this. This is due to the use of a proxy process `xdg-dbus-proxy`, whose VFS cannot be manipulated by the Flatpak app, when interacting with these buses. Patches exist for versions 1.10.4 and 1.12.0, and as of time of publication, a patch for version 1.8.2 is being planned. There are no workarounds aside from upgrading to a patched version.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"41133","Ordinal":"2","NoteData":"2021-10-08","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"41133","Ordinal":"3","NoteData":"2021-10-28","Type":"Other","Title":"Modified"}]}}}