Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument.
Linux Kernel 6.x/5.15 LTS
Exploit
CVE-2017-5206
NVD
Refer to CVE-2017-5206 NVD advisory