376 matches found
Ubuntu 16.04 ESM / 18.04 LTS : shadow vulnerabilities (USN-5254-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5254-1 advisory. It was discovered that shadow incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or expose...
Exploit for Incorrect Authorization in Linux Linux_Kernel
CVE-2018-18955 Linux local root exploit. Wrapper for Jann Horn...
GHSA-W6V2-QCHM-GRJ7 Insecure permissions on user namespace / fakeroot temporary rootfs in Singularity
Impact Insecure permissions on temporary directories used in fakeroot or user namespace container execution. When a Singularity action command run, shell, exec is run with the fakeroot or user namespace option, Singularity will extract a container image to a temporary sandbox directory. Due to...
Medium: docker
Issue Overview: A flaw was found in the userns-remap feature of Docker. The root user in the remapped namespace can modify files under /var/lib/docker/, leading to possible privilege escalation to the root user in the host. The highest threat from this vulnerability is to data integrity...
Medium: docker
Issue Overview: A flaw was found in the userns-remap feature of Docker. The root user in the remapped namespace can modify files under /var/lib/docker/, leading to possible privilege escalation to the root user in the host. The highest threat from this vulnerability is to data integrity...
kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files
A flaw was found in the Linux kernel’s OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible...
kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c
A flaw was discovered in processing setsockopt IPTSOSETREPLACE or IP6TSOSETREPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...
Exploit for Privilege Context Switching Error in Canonical Ubuntu_Linux
CVE-2021-3493 Ubuntu OverlayFS Local Privesc Affected Vers...
kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c
A flaw was discovered in processing setsockopt IPTSOSETREPLACE or IP6TSOSETREPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...
Exploit for Out-of-bounds Write in Linux Linux_Kernel
PoC exploit for CVE-2021-22555, a heap out-of-bounds write affecting Linux since v2.6.19-rc1, discovered in net/netfilter/xtables.c. This allows an attacker to gain privileges or cause a DoS via heap memory corruption through user namespace. The exploit is tested on Ubuntu 5.8.0-48-generic and CO...
kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c
A flaw was discovered in processing setsockopt IPTSOSETREPLACE or IP6TSOSETREPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...
kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c
A flaw was discovered in processing setsockopt IPTSOSETREPLACE or IP6TSOSETREPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...
kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c
A flaw was discovered in processing setsockopt IPTSOSETREPLACE or IP6TSOSETREPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...
kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c
A flaw was discovered in processing setsockopt IPTSOSETREPLACE or IP6TSOSETREPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...
kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c
A flaw was discovered in processing setsockopt IPTSOSETREPLACE or IP6TSOSETREPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...
DEBIAN-CVE-2021-22555
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/xtables.c. This allows an attacker to gain privileges or cause a DoS via heap memory corruption through user name space...
UBUNTU-CVE-2021-22555
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/xtables.c. This allows an attacker to gain privileges or cause a DoS via heap memory corruption through user name space...
Linux kernel 缓冲区错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a buffer overflow vulnerability that originates from a heap out-of-bounds write in net/netfilter/xtables.c. The vulnerability can be exploited to...
LSN-0076-1: Kernel Live Patch Security Notice
It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges.CVE-2021-3493 Piotr Krysiuk discovered that the BPF JIT compil...
CVE-2021-3493
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow...