UBUNTU-CVE-2021-3982

Linux distributions using CAPSYSNICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permissions, may take advantage of the way CAPSYSNICE is currently implemented and eventually load code to increase its process scheduler priority leading to possib...

[ASA-202107-48] linux: privilege escalation

Arch Linux Security Advisory ASA-202107-48 ========================================== Severity: High Date : 2021-07-21 CVE-ID : CVE-2021-3609 CVE-2021-3612 CVE-2021-33909 Package : linux Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-2181 Summary ======= The...

Linux Kernel Netfilter Heap Out-Of-Bounds Write

/ CVE-2021-22555: Turning \x00\x00 into 10000$ by Andy Nguyen theflow@ theflow@theflow:$ gcc -m32 -static -o exploit exploit.c theflow@theflow:$ ./exploit + Linux Privilege Escalation by theflow@ - 2021 + STAGE 0: Initialization Setting up namespace sandbox... Initializing sockets and message...

The vulnerability of the xen-netback component in the Linux operating system allows a hacker to increase their privileges or expose sensitive information.

The vulnerability of the xen-netback component in the Linux operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to increase their privileges or disclose sensitive information...

The vulnerability of the /var/run/targetclid.sock component of the targetclid daemon in Linux operating systems allows a hacker to increase their privileges.

The vulnerability of the /var/run/targetclid.sock component of the targetclid daemon in Linux operating systems is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to elevate their privileges to the root level...

CVE-2020-12050

SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library...

SUDO_KILLER - A Tool To Identify And Exploit Sudo Rules' Misconfigurations And Vulnerabilities Within Sudo

Linux Privilege Escalation through SUDO abuse. If you like the tool and for my personal motivation so as to develop other tools please a +1 star The tool can be used by pentesters, system admins, CTF players, students, System Auditors and trolls :. INTRO WARNING: SUDOKILLER is part of the KILLER...

Uptux - Linux Privilege Escalation Checks (Systemd, Dbus, Socket Fun, Etc)

Specialized privilege escalation checks for Linux systems. Implemented so far: Writable systemd paths, services, timers, and socket units Disassembles systemd unit files looking for: References to executables that are writable References to broken symlinks pointing to writeable directories Relati...

Sudo Flaw Lets Linux Users Run Commands As Root Even When They're Restricted

Attention Linux Users! A new vulnerability has been discovered in Sudo —one of the most important, powerful, and commonly used utilities that comes as a core command installed on almost every UNIX and Linux-based operating system. The vulnerability in question is a sudo security policy bypass iss...

CVE-2019-0693

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689, CVE-2019-0692, CVE-2019-0694...

RSAC 2019: Container Escape Hack Targets Vulnerable Linux Kernel

Researchers at CyberArk have created a proof-of-concept attack that allows adversaries to bypass container security, escape the container and compromise an entire host system. However, the attack scenario is limited, in that a successful attack depends on unpatched vulnerabilities to be present i...

CVE-2018-18629

An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary...

Microsoft Windows Subsystem for Linux Privilege Access Control Vulnerability

Microsoft Windows 10 and Windows Server Version 1803 are both operating systems released by Microsoft Corporation in the U.S. Microsoft Windows 10 is an operating system for personal computers.Windows Server Version 1803 is a server operating system. Windows Subsystem for Linux is one of the Linu...

CVE-2016-6492

The MT6573FDVTSetRegHW function in camerafdvt.c in the MediaTek driver for Linux allows local users to gain privileges via a crafted application that makes an MT6573FDVTIOCTSETFDCONFCMD IOCTL call...

Linux Kernel recvmmsg Privilege Escalation

This module attempts to exploit CVE-2014-0038, by sending a recvmmsg system call with a crafted timeout pointer parameter to gain root. This exploit has offsets for 3 Ubuntu 13 kernels: 3.8.0-19-generic 13.04 default; 3.11.0-12-generic 13.10 default; 3.11.0-15-generic 13.10. This exploit may take...

The vulnerability of the Linux operating system, which allows a malicious individual to increase their privileges

Local users with the CAPSYSADMIN privilege can elevate their privileges by using the XFS file system...

The vulnerability of the Linux operating system, which allows a malicious individual to increase their privileges

A local user can increase their privileges by passing a parameter vcpuid with a high value...

Linux Kernel Sendpage Local Privilege Escalation

Exploit for linux platform in category local exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...

IBM DB2 Multiple Vulnerabilities - Dec09 (Linux)

The host is installed with IBM DB2 and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbibmdb2multvulnlindec09.nasl 4869 2016-12-29 11:01:45Z teissa $ IBM DB2 Multiple Vulnerabilities - Dec09 Linux Authors: Antu Sanadi Copyright: Copyright c 2009 Greenbone Networks GmbH,...

DTSA-64-1 util-linux - privilege escalation in mount / umount

Bulletin has no description...