235 matches found

OpenVAS
added 2022/06/24 12:00 a.m. · 23 views

SUSE: Security Advisory (SUSE-SU-2022:2165-1)

The remote host is missing an update for the...

CVSS 7.8 · AI score 7.1 · EPSS 0.00386
Exploits 0 · References 7
Positive Technologies
added 2022/02/17 12:00 a.m. · 4 views

PT-2022-1909 · Canonical +3 · Snapd +4

Name of the Vulnerable Software and Affected Versions: snapd versions 2.54.2 Description: The issue is related to a race condition in the snap-confine binary of the snapd utility, which can be exploited to gain root privileges by executing arbitrary code. This can be achieved by a local attacker...

CVSS 8.8 · AI score 6.9 · EPSS 0.00966
Exploits 5 · References 54
Veracode
added 2022/01/08 1:26 p.m. · 29 views

Privilege Escalation

containerd is vulnerable to privilege escalation. The vulnerability exists due to a lack of validation of node location allowing an attacker to bind mount via hostPath...

CVSS 9.1 · AI score 3.9 · EPSS 0.0169
Exploits 1 · References 10 · Affected Software 4
Prion
added 2022/01/05 7:15 p.m. · 22 views

Design/Logic Flaw

containerd is an open source container runtime. On installations using SELinux, such as EL8 (CentOS, RHEL), Fedora, or SUSE MicroOS, with containerd since v1.5.0-beta.0 as the backing container runtime interface (CRI), an unprivileged pod scheduled to the node may bind mount, via hostPath volume, any...

CVSS 6 · AI score 8.9 · EPSS 0.0169
Exploits 1 · References 6 · Affected Software 2
Positive Technologies
added 2022/01/05 12:00 a.m. · 3 views

PT-2022-11912

Name of the Vulnerable Software and Affected Versions: containerd versions 1.5.0-beta.0 through 1.5.8 Description: The issue affects installations using SELinux, such as EL8 (CentOS, RHEL), Fedora, or SUSE MicroOS, with containerd as the backing container runtime interface (CRI). An unprivileged pod...

CVSS 9.1 · AI score 6.9 · EPSS 0.27392
Exploits 6 · References 46
OPENSUSE Linux
added 2021/12/23 12:00 a.m. · 35 views

Security update for runc (moderate)

openSUSE Security Update: Security update for runc. Announcement ID: openSUSE-SU-2021:4171-1. Rating: moderate. References: 1193436. Cross-References: CVE-2021-43784. CVSS scores: CVE-2021-43784 (NVD): 6 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L. Affected Products: openSUSE Leap 15.3. An update that...

CVSS 6 · AI score 6.5 · EPSS 0.01663
Exploits 1 · References 1
Amazon
added 2021/11/18 12:00 a.m. · 5 views

Important: runc

Issue Overview: The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentialit...

CVSS 8.5 · AI score 6.9 · EPSS 0.06604
Exploits 0
Amazon
added 2021/11/18 12:00 a.m. · 3 views

Important: runc

Issue Overview: The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentialit...

CVSS 8.5 · AI score 6.9 · EPSS 0.06604
Exploits 0
RedHat Linux
added 2021/06/10 8:42 a.m. · 3 views

runc: vulnerable to symlink exchange attack

The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentiality and integrity ...

CVSS 8.5 · AI score 6.9 · EPSS 0.06604
Exploits 0 · References 6
RedHat Linux
added 2021/06/09 5:08 p.m. · 3 views

runc: vulnerable to symlink exchange attack

The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentiality and integrity ...

CVSS 8.5 · AI score 6.9 · EPSS 0.06604
Exploits 0 · References 6
RedHat Linux
added 2021/05/31 7:51 a.m. · 3 views

runc: vulnerable to symlink exchange attack

The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentiality and integrity ...

CVSS 8.5 · AI score 6.9 · EPSS 0.06604
Exploits 0 · References 6
RedHat Linux
added 2020/04/07 10:33 a.m. · 93 views

Important: Red Hat Security Advisory: container-tools:rhel8 security and bug fix update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 6.8 · AI score 6.7 · EPSS 0.02486
Exploits 0 · References 7
OSV
added 2020/04/07 9:15 a.m. · 25 views

RLSA-2020:1379 Important: container-tools:rhel8 security and bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: QEMU: Slirp: potential OOB access due to unsafe snprintf usages (CVE-2020-8608). For more details about the security issues, including the impact, a CVSS score,...

CVSS 5.6 · AI score 7.2 · EPSS 0.02486
Exploits 0 · References 7
Tenable Nessus
added 2019/05/14 12:00 a.m. · 47 views

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1521)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a...

CVSS 10 · AI score 7 · EPSS 0.1081
Exploits 17 · References 21
Prion
added 2019/02/04 6:29 p.m. · 15 views

Race condition

Debian tmpreaper version 1.6.13+nmu1 has a race condition when doing a bind mount via rename which could result in local privilege escalation. Mounting via rename could potentially lead to a file being placed elsewhere on the filesystem hierarchy (e.g. /etc/cron.d/) if the directory being cleaned up...

CVSS 4.4 · AI score 6.5 · EPSS 0.00253
Exploits 0 · References 4 · Affected Software 2
UbuntuCve
added 2019/02/04 12:00 a.m. · 21 views

CVE-2019-3461

Debian tmpreaper version 1.6.13+nmu1 has a race condition when doing a bind mount via rename which could result in local privilege escalation. Mounting via rename could potentially lead to a file being placed elsewhere on the filesystem hierarchy (e.g. /etc/cron.d/) if the directory being cleaned up...

CVSS 7 · AI score 7 · EPSS 0.00253
Exploits 0 · References 2
OSV
added 2016/12/28 7:59 a.m. · 1 views

DEBIAN-CVE-2016-6213

fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service (memory consumption and deadlock) via MS_BIND mount system calls, as demonstrated by a loop that triggers exponential growth in the...

CVSS 4.7 · AI score 5.4 · EPSS 0.00369
Exploits 0 · References 1
OSV
added 2016/10/17 1:09 p.m. · 8 views

SUSE-SU-2016:2553-1 Security update for kdump

This update for kdump provides several fixes and enhancements: - Refresh kdumprd if /etc/hosts or /etc/nsswitch.conf is changed. (bsc#943214) - Add a separate systemd service to rebuild kdumprd at boot. (bsc#943214) - Improve network setup in the kdump environment by reading configuration from wicked b...

CVSS 7.8 · AI score 7 · EPSS 0.00382
Exploits 0 · References 16
CNVD
added 2016/05/17 12:00 a.m. · 5 views

ubuntu-core-launcher package information disclosure vulnerability

Ubuntu is a desktop-oriented GNU/Linux operating system developed by Canonical and the Ubuntu Foundation. The ubuntu-core-launcher package is a core application package for launching Ubuntu. A security vulnerability exists in the 'setup_snappy_os_mounts' function in the ubuntu-core-launcher package prio...

CVSS 10 · AI score 6.9 · EPSS 0.03485
Exploits 0 · References 1
OSV
added 2016/04/29 5:21 p.m. · 6 views

USN-2956-1 ubuntu-core-launcher vulnerability

Zygmunt Krynicki discovered that ubuntu-core-launcher did not properly sanitize its input and contained a logic error when determining the mountpoint of bind mounts when using snaps on Ubuntu classic systems (e.g., traditional desktop and server). If a user were tricked into installing a malicious sn...

CVSS 10 · AI score 7.4 · EPSS 0.03485
Exploits 0 · References 2