
384 matches found

Gitee
added 2021/11/21 2:1 p.m., 11 views

Exploit for Privilege Context Switching Error in Canonical Ubuntu_Linux

This is a PoC exploit for CVE-2021-3493, a local privilege escalation vulnerability in Ubuntu OverlayFS. The exploit targets Ubuntu versions 20.10, 20.04 LTS, 19.04, 18.04 LTS, 16.04 LTS, and 14.04 ESM. The vulnerability arises from a Linux kernel issue where it did not properly validate the...

CVSS 8.8, AI score 6.9, EPSS 0.43988
Exploits: 27
Gitee
added 2021/11/19 9:3 a.m., 7 views

Exploit for Out-of-bounds Write in Linux Linux_Kernel

PoC exploit for CVE-2021-22555, a heap out-of-bounds write affecting Linux since v2.6.19-rc1. The exploit allows an attacker to gain privileges or cause a DoS through user namespace memory corruption. The target is Linux, and the vulnerability class is heap out-of-bounds write. The probable entry...

CVSS 8.3, AI score 7.2, EPSS 0.78684
Exploits: 21
RedHat Linux
added 2021/10/12 3:14 p.m., 0 views

kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c

A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE or IP6T_SO_SET_REPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...

CVSS 8.3, AI score 6.7, EPSS 0.78684
Exploits: 21, References: 7
RedHat Linux
added 2021/10/05 7:56 a.m., 1 views

kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c

A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE or IP6T_SO_SET_REPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...

CVSS 8.3, AI score 6.7, EPSS 0.78684
Exploits: 21, References: 7
BDU FSTEC
added 2021/10/05 12:0 a.m., 3 views

The vulnerability of the overlayfs component in the Linux operating system’s kernel allows for insecure privilege management. This enables attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the overlayfs component in the Linux operating system’s kernel involves ignoring user name spaces when configuring file permissions in the underlying file system. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, a...

CVSS 7.8, AI score 6.9, EPSS 0.43988
Exploits: 27, References: 11, Affected Software: 3
RedHat Linux
added 2021/09/14 8:54 a.m., 2 views

kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c

A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE or IP6T_SO_SET_REPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...

CVSS 8.3, AI score 6.7, EPSS 0.78684
Exploits: 21, References: 7
RedHat Linux
added 2021/09/14 8:53 a.m., 6 views

kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c

A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE or IP6T_SO_SET_REPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...

CVSS 8.3, AI score 6.7, EPSS 0.78684
Exploits: 21, References: 7
RedhatCVE
added 2021/09/07 8:38 a.m., 86 views

CVE-2021-3715

A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. T...

CVSS 7.8, AI score 1.4, EPSS 0.00356
Exploits: 2, References: 4
RedHat Linux
added 2021/08/31 9:30 a.m., 3 views

kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c

A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE or IP6T_SO_SET_REPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...

CVSS 8.3, AI score 6.7, EPSS 0.78684
Exploits: 21, References: 7
RedHat Linux
added 2021/08/31 9:22 a.m., 7 views

kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c

A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE or IP6T_SO_SET_REPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...

CVSS 8.3, AI score 6.7, EPSS 0.78684
Exploits: 21, References: 7
RedHat Linux
added 2021/08/31 9:18 a.m., 4 views

kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c

A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE or IP6T_SO_SET_REPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...

CVSS 8.3, AI score 6.7, EPSS 0.78684
Exploits: 21, References: 7
RedHat Linux
added 2021/08/31 8:56 a.m., 10 views

kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c

A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE or IP6T_SO_SET_REPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...

CVSS 8.3, AI score 6.7, EPSS 0.78684
Exploits: 21, References: 7
RedHat Linux
added 2021/08/17 8:33 a.m., 1 views

kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c

A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE or IP6T_SO_SET_REPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...

CVSS 8.3, AI score 6.7, EPSS 0.78684
Exploits: 21, References: 7
Veracode
added 2021/08/12 3:38 p.m., 43 views

Privilege Escalation

linux-gkeop is vulnerable to privilege escalation. The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a...

CVSS 8.8, AI score 3.5, EPSS 0.43988
Exploits: 27, References: 7, Affected Software: 4
RedhatCVE
added 2021/07/07 7:42 p.m., 140 views

CVE-2021-22555

A flaw was discovered in processing setsockopt IPT_SO_SET_REPLACE or IP6T_SO_SET_REPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...

CVSS 8.3, AI score 7.5, EPSS 0.78684
Exploits: 21, References: 5
Vulnrichment
added 2021/07/07 11:20 a.m., 4 views

CVE-2021-22555 Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE

A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS via heap memory corruption through user name space...

CVSS 8.3, AI score 9.1, EPSS 0.78684
Exploits: 21, References: 9
RedhatCVE
added 2021/06/22 3:59 p.m., 66 views

CVE-2021-0605

A flaw was found in the way the Linux kernel's pfkey_dump function trusted the provided filter size parameters. A local, sufficiently privileged user could use this flaw to leak information from the kernel. Mitigation: If the CAP_NET_ADMIN capability is privileged by default which is true for Red Hat...

CVSS 4.9, AI score 1.9, EPSS 0.00201
Exploits: 0, References: 3
Veracode
added 2021/04/29 1:13 p.m., 102 views

Privilege Escalation

Bubblewrap bwrap is vulnerable to privilege escalation. If installed in setuid mode and the kernel supports unprivileged user namespaces, then the bwrap --userns2 option can be used to make the setuid process keep running as root while being traceable. This can in turn be used to gain root...

CVSS 7.8, AI score 2.9, EPSS 0.00907
Exploits: 0, References: 6, Affected Software: 1
OSV
added 2021/04/22 3:59 a.m., 2 views

USN-4916-2 linux, linux-aws, linux-gke-5.3, linux-hwe, linux-kvm, linux-lts-xenial, linux-oem-5.6, linux-raspi2, linux-raspi2-5.3, linux-snapdragon regression

USN-4916-1 fixed vulnerabilities in the Linux kernel. Unfortunately, the fix for CVE-2021-3493 introduced a memory leak in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the overlayfs implementation in the Linu...

AI score 6.1
Exploits: 0, References: 2
OpenVAS
added 2021/04/22 12:0 a.m., 43 views

Ubuntu: Security Advisory (USN-4916-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8, AI score 8.8, EPSS 0.43988
Exploits: 27, References: 5