CVE-2024-52867

Summary: CVE-2024-52867 affects GNU Guix, specifically the guix-daemon prior to 5ab3c4c. Local users can escalate privileges because build outputs may be accessible before file metadata concerns for setuid/setgid programs are addressed. Affected component: guix-daemon (GNU Guix) before the refere...

CVE-2024-52867

guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns e.g., for setuid and setgid programs are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, a...

Siemens InterMesh 7177和Siemens InterMesh 7707 安全漏洞

InterMesh is a wireless alarm reporting system that uses mesh wireless network technology to transmit alarm signals. An incorrect privilege assignment vulnerability exists in Siemens InterMesh Subscriber Devices, which is due to an affected device containing a SUID binary file that can be exploit...

Debian dla-3895 : puredata - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3895 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3895-1 [email protected] https://www.debian.org/lts/security/...

CVE-2024-34331

A lack of code signature verification in Parallels Desktop for Mac v19.3.0 and below allows attackers to escalate privileges via a crafted macOS installer, because Parallels Service is setuid root...

FreeBSD : FreeBSD -- ktrace(2) fails to detach when executing a setuid binary (8fb61d94-771b-11ef-9a62-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8fb61d94-771b-11ef-9a62-002590c1f29c advisory. A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not...

Important: Red Hat Security Advisory: bubblewrap and flatpak security update

An update for bubblewrap and flatpak is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated...

RHEL 9 : bubblewrap and flatpak (RHSA-2024:6356)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:6356 advisory. Bubblewrap /usr/bin/bwrap is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces...

Important: Red Hat Security Advisory: bubblewrap and flatpak security update

An update for bubblewrap and flatpak is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: bubblewrap and flatpak security update

An update for bubblewrap and flatpak is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

Important: Red Hat Security Advisory: bubblewrap and flatpak security update

An update for bubblewrap and flatpak is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CVE-2024-43882

A vulnerability was found in the Linux kernel. The fix addresses a race condition during file execution exec, where a file’s permissions could change between an initial check and execution, potentially allowing unauthorized privilege escalation. Specifically, a non-privileged user could gain root...

DEBIAN-CVE-2024-43882

In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via dofilpopen, permission checking is done against the file's metadata at that moment, and on success, a file pointer is passed back. Much...

CVE-2024-43882

In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via dofilpopen, permission checking is done against the file's metadata at that moment, and on success, a file pointer is passed back. Much...

CVE-2024-43882 exec: Fix ToCToU between perm check and set-uid/gid usage

In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via dofilpopen, permission checking is done against the file's metadata at that moment, and on success, a file pointer is passed back. Much...

CVE-2024-43882

CVE-2024-43882 is a Linux kernel race Condition (ToCToU) in exec path: permission checks for a file are done at do_filp_open(), but the metadata (mode/UID/GID) used later in execve() can be changed before execution, enabling potential root privilege escalation. The issue is exploitable in scenari...

openSUSE 15 Security Update : apptainer (openSUSE-SU-2024:0244-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0244-1 advisory. - Make sure, digest values handled by the Go library github.com/opencontainers/go-digest and used throughout the Go-implemented containers...

OPENSUSE-SU-2024:0244-1 Security update for apptainer

This update for apptainer fixes the following issues: - Make sure, digest values handled by the Go library github.com/opencontainers/go-digest and used throughout the Go-implemented containers ecosystem are always validated. This prevents attackers from triggering unexpected authenticated registr...

CVE-2024-6760

A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of setuid programs. The bug may be used by an unprivileged user to read the contents of files to which...

FreeBSD 安全漏洞

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD that stems from a logic error in the code that disables kernel tracing, allowing an unprivileged user to trace and inspect the behavior of the setuid program...