26 matches found
SUSE CVE-2018-18955
In the Linux kernel 4.15.x through 4.19.x before 4.19.2, mapwrite in kernel/usernamespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAPSYSADMIN in an affected user namespace can bypass access controls on resources...
Linux Kernel 4.15.x < 4.19.2 - map_write() CAP_SYS_ADMIN Local Privilege Escalation (cron Method)
Exploit for linux platform in category local exploits !/bin/sh EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47164.zip wrapper for Jann Horn's exploit for CVE-2018-18955 uses crontab technique ---...
Linux Kernel 4.15.x < 4.19.2 - map_write() CAP_SYS_ADMIN Local Privilege Escalation (polkit)
Exploit for linux platform in category local exploits !/bin/sh EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47167.zip wrapper for Jann Horn's exploit for CVE-2018-18955 uses polkit technique ---...
Linux Kernel 4.15.x < 4.19.2 - 'map_write() CAP_SYS_ADMIN' Local Privilege Escalation (polkit Method)
!/bin/sh EDB Note: Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47167.zip wrapper for Jann Horn's exploit for CVE-2018-18955 uses polkit technique --- test@linux-mint-19-2:/kernel-exploits/CVE-2018-18955$ ./exploit.polkit.sh Compiling... Creating...
USN-3836-2: Linux kernel (HWE) vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description USN-3836-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.0...
USN-3836-2: Linux kernel (HWE) vulnerabilities
USN-3836-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside...
USN-3836-2 linux-hwe, linux-gcp vulnerabilities
USN-3836-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-3836-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3836-1 advisory. Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could...
Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3836-2)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3836-2 advisory. USN-3836-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...
Ubuntu: Security Advisory (USN-3835-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-3836-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-3832-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-3833-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-3836-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3836-1: Linux kernel vulnerabilities
Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. CVE-2018-18955 Philipp Wendler discovered that the overlayfs implementati...
USN-3833-1: Linux kernel (AWS) vulnerabilities
Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. CVE-2018-18955 Philipp Wendler discovered that the overlayfs implementati...
Ubuntu 18.10 : Linux kernel (AWS) vulnerabilities (USN-3832-1)
Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. CVE-2018-17972 Jann Horn discovered that the mremap system...
Ubuntu 18.04 LTS : Linux kernel (AWS) vulnerabilities (USN-3833-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3833-1 advisory. Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could...
Linux - Nested User Namespace idmap Limit Local Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linux Nested User Namespace idmap Limit Local Privilege Escalation', 'Description' = %q This module exploits a vulnerability in Linux kernels...
Linux Nested User Namespace idmap Limit Local Privilege Escalation Exploit
This Metasploit module exploits a vulnerability in Linux kernels 4.15.0 to 4.18.18, and 4.19.0 to 4.19.1, where broken uid/gid mappings between nested user namespaces and kernel uid/gid mappings allow elevation to root CVE-2018-18955. The target system must have unprivileged user namespaces enabl...