Unspecified Vulnerability in KubeVirt

Kubevirt is a virtual machine manager. A security vulnerability exists in KubeVirt versions prior to 0.26.0, which can be exploited by an attacker to read the contents of any secret attached to its namespace...

KubeVirt 安全漏洞

Kubevirt is a virtual machine manager. A security vulnerability exists in KubeVirt versions prior to 0.26.0, which can be exploited by an attacker to read the contents of any secret attached to its namespace...

GHSA-C3XM-PVG7-GH7R mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs

Summary runc 1.0.0-rc94 and earlier are vulnerable to a symlink exchange attack whereby an attacker can request a seemingly-innocuous container configuration that actually results in the host filesystem being bind-mounted into the container allowing for a container escape. CVE-2021-30465 has been...

mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs

Summary runc 1.0.0-rc94 and earlier are vulnerable to a symlink exchange attack whereby an attacker can request a seemingly-innocuous container configuration that actually results in the host filesystem being bind-mounted into the container allowing for a container escape. CVE-2021-30465 has been...

containerd-shim API Exposed to Host Network Containers

Impact Access controls for the shim’s API socket verified that the connecting process had an effective UID of 0, but did not otherwise restrict access to the abstract Unix domain socket. This would allow malicious containers running in the same network namespace as the shim, with an effective UID...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists through a pivotroot race condition in fs/namespace.c by corrupting a mountpoint reference counter...

kernel: netfilter: use-after-free in the packet processing context

A use-after-free flaw was found in the packet processing context in net/netfilter/xtables.c in netfilter in the Linux Kernel. This issue occurs when the per-CPU sequence count is mishandled during concurrent iptables rules replacement and can be exploited with the CAPNETADMIN capability in an...

raptor: heap-based buffer overflows due to an error in calculating the maximum nspace declarations for the XML writer

raptorxmlwriterstartelementcommon in raptorxmlwriter.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows sometimes seen in raptorqnameformatasxml...

LSN-0076-1: Kernel Live Patch Security Notice

It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges.CVE-2021-3493 Piotr Krysiuk discovered that the BPF JIT compil...

Forced Browsing in Twisted

Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect a CGI application's outbou...

SUSE: Security Advisory (SUSE-SU-2020:2861-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-3493

The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow...

Microsoft Azure Sphere Linux namespace ptrace unsigned code execution vulnerability

Summary An unsigned code execution vulnerability exists in the Linux namespace ptrace functionality of Microsoft Azure Sphere 21.01. Specially crafted shellcode could allow an adversary to execute unsigned code. An attacker can change the namespace and use ptrace to modify the code of a running...

Debian: Security Advisory (DSA-4890-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Azure Sphere mqueue inode initialization kernel code execution vulnerability

Summary A code execution vulnerability exists in the mqueue inode initialization functionality of Microsoft Azure Sphere 21.01. A specially crafted set of syscalls can lead to uninitialized kernel read, which in turn leads to code execution in kernel. To trigger this vulnerability, an attacker ca...

Microsoft Azure Sphere mount namespace unsigned code execution vulnerability

Summary An unsigned code execution vulnerability exists in the mount namespace functionality of Microsoft Azure Sphere 21.01. A specially crafted shellcode could allow an adversary to execute an arbitrary binary in a tmpfs mount, leading to unsigned code execution. An attacker can switch to a new...

[SECURITY] [DSA 4890-1] ruby-kramdown security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4890-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 12, 2021 https://www.debian.org/security/faq -...

OESA-2021-1102 docker security update

Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance and everything in between - and they don't...

The vulnerability of Containerd’s execution environment, related to the lack of privilege checks for containers with UID 0 in the same namespace as the shim, allows a attacker to access confidential data and compromise its integrity.

The vulnerability of Containerd’s execution environment is related to the lack of privilege checks for containers with UID 0 in the same namespace as the shim. Exploiting this vulnerability allows an attacker to access confidential data and compromise its integrity...

The vulnerability of the `--userns-remap` option, a Docker containerization-enabled deployment and application management automation tool, is related to an incorrect path name limitation for the directory. This vulnerability allows attackers to compromise data integrity.

The vulnerability of the --userns-remap option, a tool for automating application deployment and management in Docker containerized environments, is related to an incorrect restriction on the path name to the directory. Exploiting this vulnerability allows a malicious actor to compromise data...