Lucene search
K

91 matches found

RedHat Linux
RedHat Linux
added 2019/12/03 9:7 p.m.6 views

runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfslinux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...

7.5CVSS6.7AI score0.04409EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2019/02/05 12:0 a.m.4 views

The vulnerability of the fusermount module in file system drivers for UNIX-like operating systems allows a attacker to cause a service failure or other unpredictable behavior.

The vulnerability of the fusermount driver for file systems in UNIX-like operating systems relates to circumventing a limitation under SELinux’s mandatory access control policy. This allows users without root privileges to mount the FUSE file system with the “allowother” mount option, regardless ...

7.8CVSS6.6AI score0.01414EPSS
Exploits3References7Affected Software3
OpenVAS
OpenVAS
added 2019/01/16 12:0 a.m.10 views

Linux: SELinux state

Security Enhanced Linux SELinux use the Linux Security Modules and provides Mandatory Access Control MAC. A MAC kernel protects the system from malicious apps. To ensure SELinux functionality is in effect all times it has to be enabled at boot time. SPDX-FileCopyrightText: 2019 Greenbone AG Some...

7.2AI score
Exploits0References1
OpenVAS
OpenVAS
added 2019/01/16 12:0 a.m.5 views

Linux: SELinux policy configuration

Security Enhanced Linux SELinux use the Linux Security Modules and provides Mandatory Access Control MAC. A MAC kernel protects the system from malicious apps. The SELinux policy is a set of rules that guide SELinux. The default targeted policy constraints daemons and system software only...

7.2AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2018/08/16 4:6 p.m.10 views

docker: container breakout without selinux in enforcing mode

The default OCI Linux spec in oci/defaultslinux.go in Docker/Moby, from 1.11 to current, does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling Bluetooth or turning up/down keyboard brightness...

6.3CVSS6.6AI score0.01135EPSS
Exploits0References4
OSV
OSV
added 2018/07/24 8:29 p.m.5 views

ALPINE-CVE-2018-10906

In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allowother' mount option regardless of whether 'userallowother' is set in the fuse configuration. An attack...

7.8CVSS7AI score0.01414EPSS
Exploits3References1
ThreatPost
ThreatPost
added 2018/06/15 7:14 p.m.8 views

New Banking Trojan Can Launch Overlay Attacks on Latest Android Versions

Researchers have discovered a new Android banking trojan that holds striking similarities to the infamous Lokibot – but packed with new tricky features, most notably its ability to implement an overlay attack on Android 7 and 8. Researchers at ThreatFabric, who discovered the trojan, said...

0.5AI score
Exploits0References3
CNVD
CNVD
added 2017/09/07 12:0 a.m.5 views

selinux-policy denial of service vulnerability

SELinux Security-Enhanced Linux is a mandatory access control security module for Linux-based systems developed by the NSA and SCC Secure Computing Corporation. selinux-policy is one of the Linux security engine bootstrap rules. A security vulnerability exists in selinux-policy. This vulnerabilit...

5.5CVSS5.1AI score0.00274EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2017/01/19 8:59 p.m.2 views

CVE-2016-7545

SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call...

8.8CVSS5.9AI score0.00382EPSS
Exploits0References12
Fedora
Fedora
added 2016/10/10 6:6 p.m.30 views

[SECURITY] Fedora 25 Update: libsepol-2.5-10.fc25

Security-enhanced Linux is a feature of the Linux=EF=BF=BD=EF=BF=BD kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve th...

8.8CVSS1.2AI score0.00382EPSS
Exploits0
Fedora
Fedora
added 2016/10/10 6:6 p.m.27 views

[SECURITY] Fedora 25 Update: libselinux-2.5-12.fc25

Security-enhanced Linux is a feature of the Linux=EF=BF=BD=EF=BF=BD kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve th...

8.8CVSS1.7AI score0.00382EPSS
Exploits0
Fedora
Fedora
added 2016/10/10 6:6 p.m.31 views

[SECURITY] Fedora 25 Update: policycoreutils-2.5-17.fc25

Security-enhanced Linux is a feature of the Linux=EF=BF=BD=EF=BF=BD kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve th...

8.8CVSS1.5AI score0.00382EPSS
Exploits0
CNVD
CNVD
added 2015/08/13 12:0 a.m.5 views

LXC Code Injection Vulnerability

LXC LinuX Containers is a user-space interface to the Linux kernel's container functionality that makes it easy for Linux users to create and manage system or application containers through a powerful API and simple tools. A security vulnerability exists in the attach.c file in LXC 1.1.2 and...

4.6CVSS4.5AI score0.0037EPSS
Exploits0References1
OSV
OSV
added 2015/07/22 3:1 p.m.5 views

USN-2675-1 lxc vulnerabilities

Roman Fiedler discovered that LXC had a directory traversal flaw when creating lock files. A local attacker could exploit this flaw to create an arbitrary file as the root user. CVE-2015-1331 Roman Fiedler discovered that LXC incorrectly trusted the container's proc filesystem to set up AppArmor...

4.9CVSS6.1AI score0.00459EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/11/08 12:0 a.m.29 views

RHEL 5 / 6 : rhncfg (RHSA-2012:1369)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:1369 advisory. Red Hat Network Tools provide programs and libraries that allow your system to use provisioning, monitoring, and configuration management...

2.1CVSS5.8AI score0.00389EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2014/10/30 2:12 p.m.10 views

Android 5.0 Lollipop Encryption and Application Control

Google, like most technology companies in this climate, is fighting for the security and privacy of its users’ data on several fronts. With a mobile application ecosystem that invites trouble and government demands for user content and information continuing to rise, Google decided with Android...

7.1AI score
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.1118 views

Linux Kernel 2.4/2.6 - sock_sendpage() Local Root Exploit (PPC Edition)

No description provided by source. / Linux socksendpage NULL pointer dereference Copyright 2009 Ramon de Carvalho Valle [email protected] This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Softwar...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2013/03/21 6:8 p.m.48 views

Moderate: Red Hat Security Advisory: openstack-nova security, bug fix, and enhancement update

Updated openstack-nova packages that fix two security issues, several bugs, and add an enhancement are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, whi...

5CVSS7.3AI score0.04863EPSS
Exploits1References20
Tenable Nessus
Tenable Nessus
added 2012/08/08 12:0 a.m.33 views

CentOS 5 : sudo (CESA-2012:1149)

An updated sudo package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

5.6CVSS5.8AI score0.00435EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2012/08/07 4:49 p.m.37 views

Moderate: Red Hat Security Advisory: sudo security and bug fix update

An updated sudo package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

5.6CVSS5.9AI score0.00435EPSS
Exploits1References6
Rows per page
Query Builder