CVE-2026-34078: Complete sandbox escape leading to host file access and code execution in the host context

1 min read Original article ↗

Impact

Every Flatpak app is able to read and write arbitrary files on the host and execute code in the host context.

Description

The Flatpak portal accepts paths in the sandbox-expose options which can be app-controlled symlinks pointing at arbitrary paths. Flatpak run mounts the resolved host path in the sandbox. This gives apps access to all host files and can be used as a primitive to gain code execution in the host context.

Patches

The issue has been patched in version 1.16.4 and will be patched in the upcoming version 1.18.0.

Mitigations

Disabling the Flatpak Portal mitigates the issue but can result in misbehaving apps.

sudo systemctl --global mask flatpak-portal.service && systemctl --user stop flatpak-portal.service

Credits

Reported by Codean Labs