843 matches found
USN-8255-2: Linux kernel (Azure) vulnerabilities
Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-8255-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8255-1 advisory. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform...
USN-8255-1: Linux kernel vulnerabilities
Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...
kernel-exploits
Kernel Exploits ppkey Kernels: 3.8.0, 3.8.1, 3...
Exploit for Incorrect Authorization in Canonical Ubuntu_Linux
CVE-2023-32629 — OverlayFS Local Full Privilege Escalation Ove...
SUSE CVE-2026-31465
In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SBINODATAINTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set, sy...
EUVD-2026-24809
In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SBINODATAINTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set, sy...
CVE-2026-31465
CVE-2026-31465 in the Linux kernel concerns the writeback path for filesystems without data integrity guarantees (e.g., fuse). The fix adds a SB_I_NO_DATA_INTEGRITY superblock flag; when set, sync kicks off writeback of dirty inodes but does not wait for flusher threads to finish. The change move...
PT-2026-34370
In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SB I NO DATA INTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set...
Exploit for Privilege Context Switching Error in Canonical Ubuntu_Linux
OverlayFS-LPE-Exploit Type...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007464)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007464 advisory. In the Linux kernel, the following vulnerability has been resolved: ovl: fix leaked dentry Since commit 6815f479ca90 ovl: use only uppermetacopy state in ovllookup,...
ROS-20260414-73-0060
A vulnerability in the ovlpermission function of the fs/overlayfs/inode.c module of the Overlayfs file system of the Linux kernel is related to NULL pointer dereferencing. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected...
Exploit for Incorrect Authorization in Canonical Ubuntu_Linux
CVE-2023-2640/3262-PoC Minimal PoCs for Ubuntu OverlayFS loca...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005482)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005482 advisory. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernels OverlayFS...
Exploit for Privilege Context Switching Error in Canonical Ubuntu_Linux
CVE-2021-3493 – Ubuntu OverlayFS Local Privilege Escalation...
Exploit for Privilege Context Switching Error in Canonical Ubuntu_Linux
CVE-2021-3493 – Ubuntu OverlayFS Local Privilege Escalation...
GHSA-W4GW-W5JQ-G9JH vulnerabilities
Vulnerabilities for packages: wuzz, runc, cilium-envoy, k3s, k8s-device-plugin, aws-load-balancer-controller, gitness, fuse-overlayfs-snapshotter...
GHSA-W4GW-W5JQ-G9JH vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce, gitness, k3s, rke2-runtime, runc, fuse-overlayfs-snapshotter, gendesk, localstack, cilium-envoy, backup-restore-operator, terraform, cilium-envoy-fips, aws-load-balancer-controller, k8s-device-plugin, nvidia-gpu-operator-validator, rke2-runtime-fips,...
CVE-2025-58190 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce, gitness, k3s, rke2-runtime, runc, fuse-overlayfs-snapshotter, gendesk, localstack, cilium-envoy, backup-restore-operator, terraform, cilium-envoy-fips, aws-load-balancer-controller, k8s-device-plugin, nvidia-gpu-operator-validator, rke2-runtime-fips,...
CVE-2025-47911 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce, gitness, k3s, rke2-runtime, runc, fuse-overlayfs-snapshotter, gendesk, localstack, cilium-envoy, backup-restore-operator, terraform, cilium-envoy-fips, aws-load-balancer-controller, k8s-device-plugin, nvidia-gpu-operator-validator, rke2-runtime-fips,...