USN-3161-1 linux vulnerabilities
Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY implementation in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2015-8964) It was discovered that the Video For Linux Two (v4l2) implementation in the Linux kernel d...
CVE-2016-1576
The overlayfs implementation in the Linux kernel through 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program...
CVE-2015-1328
CVE-2015-1328 affects the Linux kernel overlayfs by failing to properly check permissions for file creation in the upperdir when overlayfs is allowed in an arbitrary mount namespace. This enables local users to escalate to root on systems with overlayfs and user namespaces enabled, notably Ubuntu...
CVE-2015-1328
The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs i...
Vulnerabilities of Microsoft Edge and Internet Explorer browsers, which allow attackers to escalate their privileges
The vulnerabilities of Microsoft Edge and Internet Explorer are related to errors in access control of namespace resources. Exploiting these vulnerabilities can allow a malicious actor to enhance their privileges using undefined vectors...
Vulnerabilities of Microsoft Edge and Internet Explorer browsers, which allow attackers to escalate their privileges
The vulnerabilities of Microsoft Edge and Internet Explorer are related to errors in access control for namespace resources. Exploiting these vulnerabilities can allow a malicious actor to enhance their privileges remotely...
Ubuntu 14.04/15.10 - User Namespace Overlayfs Xattr SetGID Privilege Escalation
Ubuntu 14.04/15.10 - User Namespace Overlayfs Xattr SetGID Privilege Escalation Source: http://www.halfdog.net/Security/2016/UserNamespaceOverlayfsXattrSetgidPrivilegeEscalation/ Introduction Problem description: Linux user namespace allows to mount file systems as normal user, including the...
Ubuntu 14.04/15.10 - User Namespace Overlayfs Xattr SetGID Privilege Escalation
Source: http://www.halfdog.net/Security/2016/UserNamespaceOverlayfsXattrSetgidPrivilegeEscalation/ Introduction Problem description: Linux user namespace allows to mount file systems as normal user, including the overlayfs. As many of those features were not designed with namespaces in mind, this...
openSUSE Security Update : libxml2 (openSUSE-2016-1259)
This update for libxml2 fixes the following issues: - CVE-2016-4658: Use after free via namespace node in XPointer ranges (bsc#1005544). This update was imported from the SUSE:SLE-12:Update update project. (C) Tenable Network Security, Inc. The descriptive text and package checks ...
Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118)
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=879 Windows: Edge/IE Isolated Private Namespace Insecure DACL EoP Platform: Windows 10 10586, Edge 25.10586.0.0 not tested 8.1 Update 2 or Windows 7 Class: Elevation of Privilege Summary: The isolated private namespace created by...
Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118)
Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118) Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=879 Windows: Edge/IE Isolated Private Namespace Insecure DACL EoP Platform: Windows 10 10586, Edge 25.10586.0.0 not...
Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118)
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=878 Windows: Edge/IE Isolated Private Namespace Insecure Boundary Descriptor EoP Platform: Windows 10 10586, Edge 25.10586.0.0 not tested 8.1 Update 2 or Windows 7 Class: Elevation of Privilege Summary: The isolated private...
Microsoft Internet Explorer and Edge Remote Privilege Elevation Caveat
Microsoft Internet Explorer (IE) and Microsoft Edge are both web browsers developed by the American company Microsoft. The former is the default browser that came with operating systems before Windows 10, and the latter is the default browser that comes with the latest operating system, Windows 10...
Microsoft Browser Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when affected Microsoft browsers fail to properly secure private namespace. An attacker who successfully exploited this vulnerability could gain elevated permissions on the namespace directory of a vulnerable system and gain elevated privileges. The...
Microsoft Browser Elevation of Privilege (MS16-118: CVE-2016-3387)
An Elevation of Privileges vulnerability exists in Internet Explorer and Edge. The vulnerability is due to a failure in properly securing a private namespace. A remote attacker could exploit this vulnerability by enticing a user to run a specially crafted executable...
CVE-2016-4658
xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free an...
UBUNTU-CVE-2016-4658
xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free an...
kernel: compat IPT_SO_SET_REPLACE setsockopt
A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled wit...