127 matches found
USN-6122-1: Linux kernel (OEM) vulnerabilities
Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...
USN-6122-1 linux-oem-6.1 vulnerabilities
Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...
CVE-2023-2612
Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service kernel deadlock...
PT-2023-3081 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Ubuntu Linux kernel affected versions not specified Description: The shiftfs file system in the Ubuntu Linux kernel contains a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of...
UBUNTU-CVE-2023-2612
Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service kernel deadlock...
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6124-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6124-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests,...
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6123-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6123-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests,...
K65292036: Linux kernel vulnerability CVE-2019-15791
Security Advisory Description In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfsbtrfsioctlfdreplace installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. After the btrfs ioctl...
SUSE CVE-2019-15794
Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma-vmfile in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vmfile points. On...
SUSE CVE-2019-15791
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfsbtrfsioctlfdreplace installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. After the btrfs ioctl completes this fd is closed, whi...
SUSE CVE-2021-3492
Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copyfromuser correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service kerne...
The vulnerability of the copy_from_user() function in the file system of the shiftfs filesystem in Linux’s operating system, which is related to the repeated release of memory, allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the copyfromuser function in the file system of the shiftfs filesystem in Linux’s operating system is related to the repeated release of memory. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service...
Denial Of Service (DoS)
Shiftfs is vulnerable to denial of service. The vulnerability exists due to improper handling of faults occurrence during copyfromuser resulting in a double-free or memory not being freed situation...
LSN-0077-1: Kernel Live Patch Security Notice
Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copyfromuser when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service memory exhaustion or execute arbitrary...
LSN-0077-1 Kernel Live Patch Security Notice
Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copyfromuser when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service memory exhaustion or execute arbitrary...
(Pwn2Own) Canonical Ubuntu ShiftFS File System Double Free Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Canonical Ubuntu. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ShiftFS module...
CVE-2021-3492
Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copyfromuser correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service kerne...
CVE-2021-3492
Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copyfromuser correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service kerne...
Double free
Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copyfromuser correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service kerne...
CVE-2021-3492 Ubuntu linux kernel shiftfs file system double free vulnerability
Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copyfromuser correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service kerne...