Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2024/03/13 9:11 a.m.4 views

kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests

A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAPNETADMIN capability to crash or potentially...

7.8CVSS6.9AI score0.00864EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/01/25 11:14 a.m.6 views

kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe

An incorrect verifier pruning flaw was found in BPF in the Linux Kernel that may lead to unsafe code paths incorrectly marked as safe, resulting in arbitrary read/writes in kernel memory, lateral privilege escalation, and container escape...

10CVSS6.9AI score0.03546EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/06/07 12:0 a.m.10 views

PT-2023-3470 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a use-after-free flaw in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests. This can lead to performing...

7.8CVSS7.8AI score0.0616EPSS
Exploits9References461
OSV
OSV
added 2018/06/17 8:29 p.m.19 views

CVE-2018-12026

During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows such applications to replace key files or directories in the spawning communication directory with symlinks. This then could result in arbitrary reads and writes, which in...

9.8CVSS9.2AI score
Exploits0References2
RubySec
RubySec
added 2018/06/12 12:0 a.m.28 views

SpawningKit exploits

During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows such applications to replace key files or directories in the spawning communication directory with symlinks. This then could result in arbitrary reads and writes, which in...

9.8CVSS6.5AI score0.01948EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder