CVE-2019-11461

EUVD-2019-3134
An issue was discovered in GNOME Nautilus 3.30 prior to 3.30.6 and 3.32 prior to 3.32.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer's controlling terminal, allowing an attacker to escape the sandbox if the thumbnailer has a controlling terminal. This is due to improper filtering of the TIOCSTI ioctl on 64-bit systems, similar to CVE-2019-10063.

| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 7.8 HIGH | LOCAL | HIGH | LOW | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H |

EPSS Score Percentile: 16%

Affected Products (NVD)

| Vendor | Product | Version |
|---|---|---|
| gnome | nautilus | 3.30 ≤ 𝑥 < 3.30.6 |
| gnome | nautilus | 3.32 ≤ 𝑥 < 3.32.1 |

𝑥 = Vulnerable software versions

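Debian Releases

| Debian Product | Codename | Version | Status |
|---|---|---|---|
| nautilus | bookworm | 43.2-1 | fixed |
| nautilus | bullseye | 3.38.2-1+deb11u1 | fixed |
| nautilus | jessie | | not-affected |
| nautilus | sid | 47.0-2 | fixed |
| nautilus | stretch | | not-affected |
| nautilus | trixie | 47.0-2 | fixed |
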
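Ubuntu Releases

| Ubuntu Product | Codename | Version | Status |
|---|---|---|---|
| nautilus | bionic | | not-affected |
| nautilus | cosmic | | not-affected |
| nautilus | disco | Fixed 1:3.32.1-0ubuntu0.19.04.0 | released |
| nautilus | trusty | | dne |
| nautilus | xenial | | not-affected |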