openSUSE Security Update : the Linux Kernel (openSUSE-2015-686)

The openSUSE 13.2 kernel was updated to receive various security and bugfixes. Following security bugs were fixed : - CVE-2015-3290: arch/x86/entry/entry64.S in the Linux kernel on the x8664 platform improperly relied on espfix64 during nested NMI processing, which allowed local users to gain...

Amazon Linux AMI : kernel (ALAS-2015-603)

A race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipcaddid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. CVE-2015-7613 Linux kernels built with th...

Windows Drivers are True’ly Tricky

Posted by James Forshaw, Driving for Bugs Auditing a product for security vulnerabilities can be a difficult challenge, and there’s no guarantee you’ll catch all vulnerabilities even when you do. This post describes an issue I identified in the Windows Driver code for Truecrypt, which has already...

[SECURITY] Fedora 22 Update: php-ZendFramework2-2.4.8-1.fc22

Zend Framework 2 is an open source framework for developing web applications and services using PHP 5.3+. Zend Framework 2 uses 100% object-oriented code and utilizes most of the new features of PHP 5.3, namely namespaces, late static binding, lambda functions and closures. Zend Framework 2 evolv...

Hacking Team Android browser attacks during the vulnerability analysis Stage0-vulnerability warning-the black bar safety net

A, vulnerability introduction Hacking team of the year broke out for android4. 0. x-4.3. x android browser vulnerabilities to attack the use of the code. The exploit code, by successive use of a plurality of browser and kernel vulnerabilities, is done through javascript to the virtual memory writ...

Amazon Linux: Security Advisory (ALAS-2015-522)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Patches Privilege-Escalation Bug

There is a privilege-escalation vulnerability in several versions of Ubuntu that results from the fact that the operating system fails to check permissions when users are creating files in some specific circumstances. Security researcher Philip Pettersson discovered the vulnerability and reported...

Ubuntu: Security Advisory (USN-2644-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - 'overlayfs' Local Privilege Escalation (Access /etc/shadow)

The overlayfs filesystem does not correctly check file permissions when creating new files in the upper filesystem directory. This can be exploited by an unprivileged process in kernels with CONFIGUSERNS=y and where overlayfs has the FSUSERNSMOUNT flag, which allows the mounting of overlayfs insi...

USN-2645-1: Linux kernel (Vivid HWE) vulnerability

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system...

CVE-2015-1328

The overlayfs implementation in the linux aka Linux kernel package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs i...

UBUNTU-CVE-2015-1328

The overlayfs implementation in the linux aka Linux kernel package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs i...

Fedora 21 : kernel-4.0.4-202.fc21 (2015-9127)

The 4.0.4-202 update contains a fix for a namespace crash issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing addition...

[SECURITY] Fedora 22 Update: php-ZendFramework2-2.3.8-1.fc22

Zend Framework 2 is an open source framework for developing web applications and services using PHP 5.3+. Zend Framework 2 uses 100% object-oriented code and utilizes most of the new features of PHP 5.3, namely namespaces, late static binding, lambda functions and closures. Zend Framework 2 evolv...

[SECURITY] Fedora 20 Update: php-ZendFramework2-2.3.8-1.fc20

Zend Framework 2 is an open source framework for developing web applications and services using PHP 5.3+. Zend Framework 2 uses 100% object-oriented code and utilizes most of the new features of PHP 5.3, namely namespaces, late static binding, lambda functions and closures. Zend Framework 2 evolv...

Design/Logic Flaw

Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization "mount namespace breakout" and write to arbitrary file on the host system via a symlink attack in an image when respawning a container...

CVE-2015-3629

Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization "mount namespace breakout" and write to arbitrary file on the host system via a symlink attack in an image when respawning a container...

CVE-2015-3629

Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization "mount namespace breakout" and write to arbitrary file on the host system via a symlink attack in an image when respawning a container...

Amazon Linux AMI : docker (ALAS-2015-522)

The file-descriptor passed by libcontainer to the pid-1 process of a container has been found to be opened prior to performing the chroot, allowing insecure open and symlink traversal. This allows malicious container images to trigger a local privilege escalation. CVE-2015-3627 Libcontainer versi...

Critical: docker

Issue Overview: The file-descriptor passed by libcontainer to the pid-1 process of a container has been found to be opened prior to performing the chroot, allowing insecure open and symlink traversal. This allows malicious container images to trigger a local privilege escalation. CVE-2015-3627...