4210 matches found
kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files
A flaw was found in the Linux kernel’s OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible...
Apache Struts Remote Code Execution Vulnerability
Apache Struts contains a vulnerability that allows for remote code execution under two circumstances. One, where the alwaysSelectFullNamespace option is true and the value isn't set for a result defined in underlying configurations and, at the same time, its upper package configuration has no or...
Kubernetes authenticated code execution
Execute a payload within a Kubernetes pod. Module Options msf use exploit/multi/kubernetes/exec msf exploitexec show targets ...targets... msf exploitexec set TARGET msf exploitexec show options ...show and set options... msf exploitexec exploit -- coding: binary -- This module requires Metasploi...
The vulnerability of the `squashfs_opendir` function in the `unsquash-1.c` component of the Squashfs-Tools tooling suite relates to name space limitations on directories. This vulnerability allows an attacker to compromise data integrity and cause service failures.
The vulnerability of the squashfs-opendir function in the unsquash-1.c component of the Squashfs-Tools tooling suite relates to deficiencies in pathname limitation. Exploiting this vulnerability could allow an attacker to compromise data integrity and cause service failures...
CVE-2021-42762
BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact...
Moderate: Red Hat Security Advisory: libxml2 security update
An update for libxml2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c
A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE or IP6T_SO_SET_REPLACE for 32-bit processes on 64-bit systems. This flaw allows a local user to gain privileges or cause a DoS through a user namespace. This action is usually restricted to root-privileged users but can also be leverage...
Exploit for Privilege Context Switching Error in Canonical Ubuntu_Linux
CVE-2021-3493 Ubuntu OverlayFS Local Privesc Affected Vers...
CVE-2021-38209
Linux is vulnerable to information disclosure. The vulnerability exists because changes in any net namespace can be observed, as they are leaked into all other net namespaces...
UBUNTU-CVE-2021-39584
An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function namespace_set_hash located in pool.c. It allows an attacker to cause Denial of Service...
Migration Toolkit For Containers data forgery vulnerability
Red Hat Migration Toolkit For Containers (MTC) is a container migration toolkit from Red Hat, Inc. It is used to provide a web console and API based on Kubernetes custom resources to help control migration and minimize application downtime. Migration Toolkit For Containers is vulnerable to a data...
Exploit for Out-of-bounds Write in Linux Linux_Kernel
PoC exploit for CVE-2021-22555, a heap out-of-bounds write affecting Linux since v2.6.19-rc1, discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS via heap memory corruption through user namespace. The exploit is tested on Ubuntu 5.8.0-48-generic and CO...
net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls.
...