F-Secure Linux Security 资源管理错误漏洞

F-Secure Linux Security is an integrated, out-of-the-box security solution from Finland's F-Secure. Featuring robust real-time protection against viruses and potentially harmful applications, it also includes Host Intrusion Prevention Hips functionality that protects against unauthorized system...

util-linux has unspecified vulnerabilities

util-linux is an open source package. util-linux suffers from a security vulnerability that stems from the partial disclosure of arbitrary files in CHFN and CHSH when Util-linux is compiled with libreadline. No detailed vulnerability details are available...

GHSA-V4H8-794J-G8MM Arbitrary File Override in Docker Engine

Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules LSM and dockert policies via an image that allows volumes to override files in /proc...

Arbitrary File Override in Docker Engine

Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules LSM and dockert policies via an image that allows volumes to override files in /proc...

Oracle Linux 8 : samba (ELSA-2022-0332)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-0332 advisory. - resolves: rhbz2046174 - Fix username map script regression of CVE-2020-25717 - resolves: rhbz2046152 - Fix CVE-2021-44142 Tenable has extracted the preceding...

netfilter 安全漏洞

netfilter is a packet filtering framework used on Linux systems. A security vulnerability exists in the netfilter version, which stems from a null pointer pointer dereference vulnerability in nf tables api.c, which can be exploited by an attacker to cause a denial of service attack...

The vulnerability of the TEE_IOC_OPEN_SESSION or TEE_IOC_INVOKE system call implementations in Linux operating systems allows a malicious actor to trigger a service failure or increase their privileges.

The vulnerability of the TEEIOCOPENSESSION or TEEIOCINVOKE system call implementations in Linux operating systems is related to the use of uninitialized resources. Exploiting this vulnerability can allow an attacker to cause service failures or increase their privileges...

Medium: containerd

Issue Overview: A flaw was found in containerd. Access controls for the shim's API socket verified that a connecting process had an effective UID of 0, but otherwise did not restrict access to the abstract Unix domain socket. This could allow malicious containers running in the same network...

grub2 安全漏洞

grub2 is a Linux system boot program from the American GNU community. A security vulnerability exists in grub2 that stems from incorrect permissions in grub.cfg, which allow unprivileged users to read the contents of the file...

SUSE-SU-2021:3523-1 Security update for util-linux

This update for util-linux fixes the following issues: Update to version 2.33.2 to provide seamless update from SLE12 SP5 to SLE15 SP2: - CVE-2021-37600: Fixed an integer overflow which could lead to a buffer overflow in getsemelements in sys-utils/ipcutils.c bsc1188921. - agetty: Fix 8-bit...

SUSE-SU-2021:3463-1 Security update for util-linux

This update for util-linux fixes the following issues: - CVE-2021-37600: Fixed an integer overflow which could lead to buffer overflow in getsemelements. bsc1188921 - Prevent outdated pam files bsc1082293, bsc1081947c68. - Do not trim read-only volumes bsc1106214. - libmount: To prevent incorrect...

Unpatched Apple Zero-Day Allows Code Execution

A zero-day security vulnerability in Apple’s macOS Finder system could allow remote attackers to trick users into running arbitrary commands, according to researchers – and a silent patch hasn’t fixed it. For those not in the Apple camp, the macOS Finder is the default file manager and GUI...

Key Takeaways from the Linux Threat Report

As the popularity of Linux continues to increase, so does its attack surface. This brings to light a pressing question for organizations: who is responsible for the security of all the Linux instances running your cloud environment?...

CVE-2021-1094

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape where an out of bounds array access may lead to denial of service or information disclosure...

Amazon Linux AMI : containerd (ALAS-2021-1523)

The version of containerd installed on the remote host is prior to 1.4.6-2.7. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1523 advisory. A bug was discovered in containerd where pulling and extracting a specially-crafted container image can result in Unix file...

SUSE SLES12 Security Update : containerd (SUSE-SU-2021:2413-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:2413-1 advisory. - containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted...

[ASA-202107-48] linux: privilege escalation

Arch Linux Security Advisory ASA-202107-48 ========================================== Severity: High Date : 2021-07-21 CVE-ID : CVE-2021-3609 CVE-2021-3612 CVE-2021-33909 Package : linux Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-2181 Summary ======= The...

CVE-2021-32760

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access t...

DEBIAN-CVE-2021-32760

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access t...

CVE-2021-32760

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access t...