{"id":"CVE-2016-9016","details":"Firejail 0.9.38.4 allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.","modified":"2026-04-10T03:54:01.590764Z","published":"2017-01-19T20:59:00.690Z","references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/93899"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2016/10/25/3"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2016/10/25/9"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/netblue30/firejail","events":[{"introduced":"0"},{"last_affected":"19302eb4a3f6d8594f87019018a434439ff4bde4"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.9.38.4"}]}}],"versions":["0.9.30","0.9.30-rc1","0.9.32","0.9.32-rc1","0.9.34","0.9.34-rc1","0.9.36","0.9.36-rc1","0.9.38","0.9.38-rc1","0.9.38.2","0.9.38.4"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9016.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}]}