Launchpad.net

CVE 2016-9016

Firejail 0.9.38.4 allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.

CVE-2016-9016 (Candidate) is related to these bugs:

Bug #1655136: Multiple CVEs in xenial

		In	Importance	Status
1655136	Multiple CVEs in xenial	firejail (Ubuntu)	High	Fix Released
1655136	Multiple CVEs in xenial	firejail (Ubuntu Xenial)	High	Fix Released
1655136	Multiple CVEs in xenial	firejail (Ubuntu Zesty)	High	Fix Released

See the

CVE page on Mitre.org for more details.