Impact
A flaw in Ubuntu’s OpenJDK packages allows an attacker to escape the application sandbox by creating a malicious executable .jar file on the host file system. When the mailcap package is installed, the system’s .jar MIME handler automatically executes files that have the executable bit set. This improper input validation (CWE-20) gives an attacker the ability to run arbitrary code outside the sandbox, potentially leading to full system compromise.
Affected Systems
Ubuntu systems that include the OpenJDK packages together with the mailcap package and the xdg-desktop-portal-gtk component are affected. No specific package version range is provided, so the vulnerability applies to any installation that has these components installed.
Risk and Exploitability
The vulnerability carries a CVSS score of 8.8, indicating a high severity. EPSS is not available and the issue is not listed in CISA KEV, suggesting no known public exploitation yet. The likely attack path involves a sandboxed application with access to the OpenURI portal writing a malicious .jar file to disk, marking it executable, and then triggering the system’s MIME handler to run it. Successful exploitation would bypass the sandbox and grant the attacker arbitrary code execution on the host.
OpenCVE Enrichment
Ubuntu USN