Lucene search
K

26 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:22 a.m.5 views

SUSE CVE-2018-18955

In the Linux kernel 4.15.x through 4.19.x before 4.19.2, mapwrite in kernel/usernamespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAPSYSADMIN in an affected user namespace can bypass access controls on resources...

7CVSS8AI score0.07611EPSS
Exploits24References3
0day.today
0day.today
added 2019/07/26 12:0 a.m.138 views

Linux Kernel 4.15.x < 4.19.2 - map_write() CAP_SYS_ADMIN Local Privilege Escalation (cron Method)

Exploit for linux platform in category local exploits !/bin/sh EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47164.zip wrapper for Jann Horn's exploit for CVE-2018-18955 uses crontab technique ---...

4.4CVSS0.1AI score0.07611EPSS
Exploits24
0day.today
0day.today
added 2019/07/26 12:0 a.m.139 views

Linux Kernel 4.15.x < 4.19.2 - map_write() CAP_SYS_ADMIN Local Privilege Escalation (polkit)

Exploit for linux platform in category local exploits !/bin/sh EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47167.zip wrapper for Jann Horn's exploit for CVE-2018-18955 uses polkit technique ---...

4.4CVSS7AI score0.07611EPSS
Exploits24
Exploit DB
Exploit DB
added 2019/01/04 12:0 a.m.69 views

Linux Kernel 4.15.x &lt; 4.19.2 - &#039;map_write() CAP_SYS_ADMIN&#039; Local Privilege Escalation (polkit Method)

!/bin/sh EDB Note: Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47167.zip wrapper for Jann Horn's exploit for CVE-2018-18955 uses polkit technique --- test@linux-mint-19-2:/kernel-exploits/CVE-2018-18955$ ./exploit.polkit.sh Compiling... Creating...

7CVSS7.3AI score0.07611EPSS
Exploits24
Cloud Foundry
Cloud Foundry
added 2018/12/06 12:0 a.m.33 views

USN-3836-2: Linux kernel (HWE) vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description USN-3836-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.0...

7CVSS5.3AI score0.07611EPSS
Exploits25
Ubuntu
Ubuntu
added 2018/12/04 4:49 a.m.81 views

USN-3836-2: Linux kernel (HWE) vulnerabilities

USN-3836-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside...

7CVSS6.9AI score0.07611EPSS
Exploits25
OSV
OSV
added 2018/12/04 4:49 a.m.9 views

USN-3836-2 linux-hwe, linux-gcp vulnerabilities

USN-3836-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside...

7CVSS6.6AI score0.07611EPSS
Exploits25References3
Tenable Nessus
Tenable Nessus
added 2018/12/04 12:0 a.m.56 views

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-3836-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3836-1 advisory. Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could...

7CVSS7.1AI score0.07611EPSS
Exploits25References3
Tenable Nessus
Tenable Nessus
added 2018/12/04 12:0 a.m.36 views

Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3836-2)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3836-2 advisory. USN-3836-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...

7CVSS7.1AI score0.07611EPSS
Exploits25References3
OpenVAS
OpenVAS
added 2018/12/04 12:0 a.m.253 views

Ubuntu: Security Advisory (USN-3835-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.07611EPSS
Exploits28References2
OpenVAS
OpenVAS
added 2018/12/04 12:0 a.m.34 views

Ubuntu: Security Advisory (USN-3836-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS5.6AI score0.07611EPSS
Exploits25References2
OpenVAS
OpenVAS
added 2018/12/04 12:0 a.m.49 views

Ubuntu: Security Advisory (USN-3832-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.07611EPSS
Exploits28References2
OpenVAS
OpenVAS
added 2018/12/04 12:0 a.m.31 views

Ubuntu: Security Advisory (USN-3833-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS5.6AI score0.07611EPSS
Exploits25References2
OpenVAS
OpenVAS
added 2018/12/04 12:0 a.m.28 views

Ubuntu: Security Advisory (USN-3836-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS5.6AI score0.07611EPSS
Exploits25References2
Ubuntu
Ubuntu
added 2018/12/03 7:40 p.m.68 views

USN-3836-1: Linux kernel vulnerabilities

Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. CVE-2018-18955 Philipp Wendler discovered that the overlayfs implementati...

7CVSS6.9AI score0.07611EPSS
Exploits25
Ubuntu
Ubuntu
added 2018/11/30 6:31 a.m.69 views

USN-3833-1: Linux kernel (AWS) vulnerabilities

Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. CVE-2018-18955 Philipp Wendler discovered that the overlayfs implementati...

7CVSS6.9AI score0.07611EPSS
Exploits25
Tenable Nessus
Tenable Nessus
added 2018/11/30 12:0 a.m.68 views

Ubuntu 18.10 : Linux kernel (AWS) vulnerabilities (USN-3832-1)

Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. CVE-2018-17972 Jann Horn discovered that the mremap system...

7.8CVSS6.8AI score0.07611EPSS
Exploits28References7
Tenable Nessus
Tenable Nessus
added 2018/11/30 12:0 a.m.364 views

Ubuntu 18.04 LTS : Linux kernel (AWS) vulnerabilities (USN-3833-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3833-1 advisory. Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could...

7CVSS7.1AI score0.07611EPSS
Exploits25References3
Exploit DB
Exploit DB
added 2018/11/29 12:0 a.m.904 views

Linux - Nested User Namespace idmap Limit Local Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linux Nested User Namespace idmap Limit Local Privilege Escalation', 'Description' = %q This module exploits a vulnerability in Linux kernels...

7CVSS7.1AI score0.07611EPSS
Exploits24
0day.today
0day.today
added 2018/11/28 12:0 a.m.284 views

Linux Nested User Namespace idmap Limit Local Privilege Escalation Exploit

This Metasploit module exploits a vulnerability in Linux kernels 4.15.0 to 4.18.18, and 4.19.0 to 4.19.1, where broken uid/gid mappings between nested user namespaces and kernel uid/gid mappings allow elevation to root CVE-2018-18955. The target system must have unprivileged user namespaces enabl...

0.3AI score0.07611EPSS
Exploits24
Rows per page
Query Builder