Headline
CVE-2023-5557: cve-details
A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability.
Red Hat Product Security Center
Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.
Product Security Center
Related news
Red Hat Security Advisory 2023-7730-03 - An update for tracker-miners is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
Red Hat Security Advisory 2023-7713-03 - An update for tracker-miners is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
Red Hat Security Advisory 2023-7712-03 - An update for tracker-miners is now available for Red Hat Enterprise Linux 9.
Ubuntu Security Notice 6504-1 - It was discovered that tracker-miners incorrectly handled sandboxing. If a second security issue was discovered in tracker-miners, an attacker could possibly use this issue in combination with it to escape the sandbox.