55 matches found
Exploit for Improper Ownership Management in Debian Debian_Linux
HTB-TwoMillion-Writeup HackTheBox TwoMillion machine writeup —...
K000152448: Linux kernel vulnerability CVE-2023-0386
Security Advisory Description A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug...
CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday placed a security flaw impacting the Linux kernel in its Known Exploited Vulnerabilities KEV catalog, stating it has been actively exploited in the wild. The vulnerability, CVE-2023-0386 CVSS score: 7.8, is an improper...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2023-0386link is external Linux Kernel Improper Ownership Management Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber...
Linux OverlayFS Local Privilege Escalation Exploit
This Metasploit module exploit targets the Linux kernel bug in OverlayFS. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mou...
Local Privilege Escalation via CVE-2023-0386
This exploit targets the Linux kernel bug in OverlayFS. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel's OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another...
Exploit for Improper Ownership Management in Debian Debian_Linux
Install compilation environment bash sudo apt install -y gcc...
CVE-2023-0386 affecting package hyperv-daemons 5.10.185.1-1
CVE-2023-0386 affecting package hyperv-daemons 5.10.185.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-0386 affecting package kernel 5.10.183.1-1
CVE-2023-0386 affecting package kernel 5.10.183.1-1. An upgraded version of the package is available that resolves this issue...
LSN-0095-1: Kernel Live Patch Security Notice
It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.CVE-2023-0386 It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel...
SUSE SLES15 Security Update : kernel (Live Patch 10 for SLE 15 SP4) (SUSE-SU-2023:2459-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2459-1 advisory. This update for the Linux Kernel 5.14.21-1504002455 fixes several issues. The following security issues were fixed: - CVE-2023-28464: Fixed...
SUSE SLES15 Security Update : kernel (Live Patch 5 for SLE 15 SP4) (SUSE-SU-2023:2443-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2443-1 advisory. This update for the Linux Kernel 5.14.21-1504002433 fixes several issues. The following security issues were fixed: - CVE-2023-28464: Fixed...
SUSE SLES15 Security Update : kernel RT (Live Patch 5 for SLE 15 SP4) (SUSE-SU-2023:2369-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2369-1 advisory. This update for the Linux Kernel 5.14.21-1504001518 fixes several issues. The following security issues were fixed: - CVE-2023-28464: Fixed...
SUSE-SU-2023:2443-1 Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-1504002433 fixes several issues. The following security issues were fixed: - CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hciconncleanup in net/uetooth/hciconn.c bsc1211111. - CVE-2023-1989: Fixed a use after free in...
SUSE-SU-2023:2431-1 Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-1504002438 fixes several issues. The following security issues were fixed: - CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hciconncleanup in net/uetooth/hciconn.c bsc1211111. - CVE-2023-1989: Fixed a use after free in...
SUSE-SU-2023:2384-1 Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-1504001511 fixes several issues. The following security issues were fixed: - CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hciconncleanup in net/uetooth/hciconn.c bsc1211111. - CVE-2023-1989: Fixed a use after free in...
[SECURITY] [DLA 3446-1] linux-5.10 security update
Debian LTS Advisory DLA-3446-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings June 05, 2023 https://wiki.debian.org/LTS Package : linux-5.10 Version : 5.10.179-1deb10u1 CVE ID : CVE-2023-0386 CVE-2023-31436 CVE-2023-32233 Debian Bug : 1035779 Several vulnerabilitie...
SUSE-SU-2023:2371-1 Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-150400155 fixes several issues. The following security issues were fixed: - CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hciconncleanup in net/uetooth/hciconn.c bsc1211111. - CVE-2023-1989: Fixed a use after free in...
SUSE SLES15: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2023:2231-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2231-1 advisory. The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were...
Debian: Security Advisory (DSA-5402-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...