408 matches found
SUSE CVE-2024-8038
Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks...
Unauthorized Access
github.com/juju/juju is vulnerable to an Unauthorized Access. The vulnerability is due to improper access control over the JUJUCONTEXTID and the exposed UNIX domain socket, allowing unauthorized users on the local system with access to the default network namespace to connect and perform privileg...
Denial Of Service (DoS)
github.com/juju/juju is vulnerable to Denial Of Service DoS. The vulnerability is due to insufficient authentication controls on the abstract UNIX domain socket, allowing any local network namespace user to access it without proper verification...
GO-2024-3174 Vulnerable juju hook tool abstract UNIX domain socket in github.com/juju/juju
Vulnerable juju hook tool abstract UNIX domain socket in github.com/juju/juju...
CentOS 7 : kpatch-patch (RHSA-2022:1185)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1185 advisory. - A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to...
CentOS 7 : kernel (RHSA-2022:1198)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1198 advisory. - A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to...
Vulnerable juju introspection abstract UNIX domain socket
Impact An abstract UNIX domain socket responsible for introspection is available without authentication locally to any user with access to the network namespace where the local juju agent is running. On a juju controller agent, denial of service can be performed by using the /leases/revoke...
GHSA-XWGJ-VPM9-Q2RQ Vulnerable juju introspection abstract UNIX domain socket
Impact An abstract UNIX domain socket responsible for introspection is available without authentication locally to any user with access to the network namespace where the local juju agent is running. On a juju controller agent, denial of service can be performed by using the /leases/revoke...
Vulnerable juju hook tool abstract UNIX domain socket
Impact When combined with an attack of JUJUCONTEXTID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a juju charm. Patches Patch:...
GHSA-8V4W-F4R9-7H6X Vulnerable juju hook tool abstract UNIX domain socket
Impact When combined with an attack of JUJUCONTEXTID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a juju charm. Patches Patch:...
Duplicate Advisory: Vulnerable juju hook tool abstract UNIX domain socket
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8v4w-f4r9-7h6x. This link is maintained to preserve external references. Original Description Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJUCONTEXTID, any user on the...
Duplicate Advisory: Juju Unprotected Alternate Channel vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xwgj-vpm9-q2rq. This link is maintained to preserve external references. Original Description Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspecti...
GHSA-85QF-6845-M8P2 Duplicate Advisory: Juju Unprotected Alternate Channel vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xwgj-vpm9-q2rq. This link is maintained to preserve external references. Original Description Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspecti...
CVE-2024-8038
Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks...
CVE-2024-8037
Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJUCONTEXTID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a...
CVE-2024-8038
Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks...
CVE-2024-8037
CVE-2024-8037 describes a vulnerability in the juju hook tool where an abstract UNIX domain socket can be misused when JUJU_CONTEXT_ID is present. A local user who can access the default network namespace could connect to the socket at /var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform ...
CVE-2024-8037
Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJUCONTEXTID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a...
CVE-2024-8037
Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJUCONTEXTID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a...
Juju 安全漏洞
Juju is an open source application orchestration engine from Canonical Juju Open Source. A security vulnerability exists in Juju that stems from an abstract UNIX domain socket responsible for introspection being used without locally authenticating the network namespace user, which could lead to a...