Lucene search
K

127 matches found

Ubuntu
Ubuntu
added 2023/05/30 5:32 p.m.87 views

USN-6122-1: Linux kernel (OEM) vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...

7.8CVSS6.7AI score0.12966EPSS
Exploits7
OSV
OSV
added 2023/05/30 5:32 p.m.4 views

USN-6122-1 linux-oem-6.1 vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...

7.8CVSS6.7AI score0.12966EPSS
Exploits7References3
UbuntuCve
UbuntuCve
added 2023/05/30 12:0 a.m.26 views

CVE-2023-2612

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service kernel deadlock...

4.7CVSS6.7AI score0.00284EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2023/05/30 12:0 a.m.7 views

PT-2023-3081 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Ubuntu Linux kernel affected versions not specified Description: The shiftfs file system in the Ubuntu Linux kernel contains a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of...

7.8CVSS7.5AI score0.16642EPSS
Exploits27References172
OSV
OSV
added 2023/05/30 12:0 a.m.1 views

UBUNTU-CVE-2023-2612

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service kernel deadlock...

4.7CVSS6.7AI score0.00284EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2023/05/30 12:0 a.m.28 views

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6124-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6124-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests,...

7.8CVSS7.4AI score0.12966EPSS
Exploits7References7
Tenable Nessus
Tenable Nessus
added 2023/05/30 12:0 a.m.34 views

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6123-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6123-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests,...

7.8CVSS7.3AI score0.12966EPSS
Exploits8References6
F5 Networks
F5 Networks
added 2023/02/21 7:0 p.m.35 views

K65292036: Linux kernel vulnerability CVE-2019-15791

Security Advisory Description In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfsbtrfsioctlfdreplace installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. After the btrfs ioctl...

7.8CVSS7.5AI score0.01317EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 4:8 a.m.4 views

SUSE CVE-2019-15794

Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma-vmfile in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vmfile points. On...

6.7CVSS8.2AI score0.01158EPSS
Exploits2References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:8 a.m.3 views

SUSE CVE-2019-15791

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfsbtrfsioctlfdreplace installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. After the btrfs ioctl completes this fd is closed, whi...

7.8CVSS8.2AI score0.01317EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.1 views

SUSE CVE-2021-3492

Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copyfromuser correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service kerne...

8.8CVSS6AI score0.01547EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2021/10/05 12:0 a.m.5 views

The vulnerability of the copy_from_user() function in the file system of the shiftfs filesystem in Linux’s operating system, which is related to the repeated release of memory, allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the copyfromuser function in the file system of the shiftfs filesystem in Linux’s operating system is related to the repeated release of memory. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service...

7.8CVSS6.7AI score0.01547EPSS
Exploits1References8Affected Software2
Veracode
Veracode
added 2021/05/24 9:30 a.m.29 views

Denial Of Service (DoS)

Shiftfs is vulnerable to denial of service. The vulnerability exists due to improper handling of faults occurrence during copyfromuser resulting in a double-free or memory not being freed situation...

8.8CVSS2.2AI score0.01547EPSS
Exploits1References7Affected Software3
Ubuntu
Ubuntu
added 2021/05/17 9:4 a.m.97 views

LSN-0077-1: Kernel Live Patch Security Notice

Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copyfromuser when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service memory exhaustion or execute arbitrary...

8.8CVSS7.3AI score0.01547EPSS
Exploits1
OSV
OSV
added 2021/05/17 7:4 a.m.8 views

LSN-0077-1 Kernel Live Patch Security Notice

Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copyfromuser when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service memory exhaustion or execute arbitrary...

8.8CVSS6.6AI score0.01547EPSS
Exploits1References2
Zero Day Initiative
Zero Day Initiative
added 2021/04/21 12:0 a.m.116 views

(Pwn2Own) Canonical Ubuntu ShiftFS File System Double Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Canonical Ubuntu. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ShiftFS module...

8.8CVSS4AI score0.01547EPSS
Exploits1References1
OSV
OSV
added 2021/04/17 5:15 a.m.2 views

CVE-2021-3492

Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copyfromuser correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service kerne...

7.8CVSS6.9AI score0.01547EPSS
Exploits1References6
NVD
NVD
added 2021/04/17 5:15 a.m.20 views

CVE-2021-3492

Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copyfromuser correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service kerne...

8.8CVSS0.01547EPSS
Exploits1References6
Prion
Prion
added 2021/04/17 5:15 a.m.25 views

Double free

Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copyfromuser correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service kerne...

7.2CVSS7.6AI score0.01547EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2021/04/17 4:20 a.m.37 views

CVE-2021-3492 Ubuntu linux kernel shiftfs file system double free vulnerability

Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copyfromuser correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service kerne...

8.8CVSS8.3AI score0.01547EPSS
Exploits1References6
Rows per page
Query Builder