14 matches found
Ubuntu 20.04 LTS : Linux kernel (GCP) vulnerabilities (USN-8297-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8297-1 advisory. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission chec...
USN-8255-1 linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-azure, linux-azure-fips, linux-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-igx, linux-oracle, linux-realtime vulnerabilities
Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...
Exploit for Incorrect Authorization in Canonical Ubuntu_Linux
CVE-2023-2640/3262-PoC Minimal PoCs for Ubuntu OverlayFS loca...
Exploit for Incorrect Authorization in Canonical Ubuntu_Linux
Ubuntu Privilege Escalation: CVE-2023-2640 and CVE-2023-32629...
Exploit for Cross-site Scripting in Kunalnagar Custom_404_Pro
I am not responsible if you use the code improperly or illegal...
Exploit for Incorrect Authorization in Canonical Ubuntu_Linux
Check for CVE-2023-32629 GameOverlay Script Overview: Th...
CVE-2023-32629
A flaw was found in the Linux Kernel where the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. This flaw allows a local attacker to gain elevated privileges due to skipped permission in checking for trusted.overlayfs. xattrs...
GameOver(lay): Two Severe Linux Vulnerabilities Impact 40% of Ubuntu Users
Cybersecurity researchers have disclosed two high-severity security flaws in the Ubuntu kernel that could pave the way for local privilege escalation attacks. Cloud security firm Wiz, in a report shared with The Hacker News, said the easy-to-exploit shortcomings have the potential to impact 40% o...
CVE-2023-2640
creationtimestamp| type| source ---|---|--- 2023-07-26 07:27:21+00:00| seen| https://t.me/cibsecurity/67283 2023-07-27 15:32:19+00:00| seen| https://t.me/sysodmins/18938 2023-07-27 15:34:09+00:00| seen| https://t.me/thehackernews/3659 2023-07-27 17:41:47+00:00| seen|...
CVE-2023-2640
On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs. xattrs", an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks...
CVE-2023-2640
CVE-2023-2640 describes a local privilege-escalation in Ubuntu kernels where overlayfs allows an unprivileged user to set privileged trusted.overlayfs.* xattrs on mounted files due to a skip-permission-check in overlayfs. This affects Ubuntu kernel builds carrying the c914c0e27eb0 change paired w...
CVE-2023-2640
On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs. xattrs", an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks...
Ubuntu: Security Advisory (USN-6248-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6250-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...