Lucene search
K

235 matches found

OSV
OSV
added 2015/11/05 4:23 p.m.2 views

USN-2794-1 linux vulnerabilities

It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. CVE-2015-2925 Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver...

6.9CVSS6.8AI score0.01246EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2015/11/05 12:14 a.m.81 views

USN-2792-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service system crash. CVE-2015-7613 It was discovered that the Lin...

6.9CVSS6.7AI score0.05059EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/10/06 12:0 a.m.29 views

Ubuntu 14.04 LTS : LXC regression (USN-2753-3)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2753-3 advisory. USN-2753-1 fixed a vulnerability in LXC. The update caused a regression that prevented some containers from starting. This regression only affected containers tha...

5.5AI score
Exploits0References1
OSV
OSV
added 2015/10/05 9:44 p.m.2 views

USN-2753-3 lxc regression

USN-2753-1 fixed a vulnerability in LXC. The update caused a regression that prevented some containers from starting. This regression only affected containers that had a path that contained a '/./' directory specified as a bind mount target in their configuration file. This update fixes the...

5.8AI score
Exploits0References2
Prion
Prion
added 2015/10/01 8:59 p.m.12 views

Code injection

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a 1 mount target or 2 bind mount source...

7.2CVSS6.6AI score0.00459EPSS
Exploits0References13Affected Software2
NVD
NVD
added 2015/10/01 8:59 p.m.20 views

CVE-2015-1335

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a 1 mount target or 2 bind mount source...

7.2CVSS8.2AI score0.00459EPSS
Exploits0References13
OSV
OSV
added 2015/10/01 8:59 p.m.8 views

CVE-2015-1335

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a 1 mount target or 2 bind mount source...

6AI score
Exploits0References14
Cvelist
Cvelist
added 2015/10/01 8:0 p.m.31 views

CVE-2015-1335

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a 1 mount target or 2 bind mount source...

8.2AI score0.00459EPSS
Exploits0References13
Debian CVE
Debian CVE
added 2015/10/01 8:0 p.m.20 views

CVE-2015-1335

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a 1 mount target or 2 bind mount source...

7.2CVSS8AI score0.00459EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/10/01 12:0 a.m.14 views

Ubuntu: Security Advisory (USN-2753-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
OSV
OSV
added 2015/09/30 6:3 p.m.2 views

USN-2753-2 lxc regression

USN-2753-1 fixed a vulnerability in LXC. The update caused a regression that prevented some containers from starting. This regression only affected containers that had an absolute path specified as a bind mount target in their configuration file. This update fixes the problem. We apologize for th...

5.8AI score
Exploits0References2
Ubuntu
Ubuntu
added 2015/09/30 6:3 p.m.39 views

USN-2753-2: LXC regression

USN-2753-1 fixed a vulnerability in LXC. The update caused a regression that prevented some containers from starting. This regression only affected containers that had an absolute path specified as a bind mount target in their configuration file. This update fixes the problem. We apologize for th...

5.5AI score
Exploits0References1
OSV
OSV
added 2015/09/29 2:0 p.m.3 views

UBUNTU-CVE-2015-1335

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a 1 mount target or 2 bind mount source...

7.2CVSS6.1AI score0.00459EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/09/22 12:0 a.m.236 views

Debian DSA-3364-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. - CVE-2015-8215 It was discovered that NetworkManager would set IPv6 MTUs based on the values received in IPv6 RAs Router Advertisements, without sufficiently validating...

6.9CVSS7.1AI score0.03693EPSS
Exploits1References17
OpenVAS
OpenVAS
added 2015/09/21 12:0 a.m.59 views

Debian Security Advisory DSA 3364-1 (linux - security update)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2015-0272 It was discovered that NetworkManager would set IPv6 MTUs based on the values received in IPv6 RAs Router Advertisements, without sufficiently validating...

7.8CVSS0.7AI score0.05059EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2015/04/06 12:0 a.m.45 views

CVE-2015-2925

The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."...

6.9CVSS6.8AI score0.01246EPSS
Exploits0References11
OSV
OSV
added 2015/04/06 12:0 a.m.3 views

UBUNTU-CVE-2015-2925

The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack."...

6.9CVSS6.7AI score0.01246EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2014/08/20 12:0 a.m.41 views

Fedora 19 : kernel-3.14.17-100.fc19 (2014-9449)

The 3.14.17 stable update contains a number of important fixes across the tree. Fix CVE-2014-5206, CVE-2014-5207: ro bind mount bypass with namespaces The 3.14.16 stable update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding...

7.2CVSS6.8AI score0.00888EPSS
Exploits6References4
NVD
NVD
added 2014/08/18 11:15 a.m.15 views

CVE-2014-5207

fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNTNODEV, MNTNOSUID, and MNTNOEXEC and changing MNTATIMEMASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, ...

6.2CVSS8.7AI score0.00888EPSS
Exploits6References12
OSV
OSV
added 2014/08/18 11:15 a.m.1 views

DEBIAN-CVE-2014-5206

The doremount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNTLOCKREADONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount"...

7.2CVSS7.8AI score0.00368EPSS
Exploits0References1
Rows per page
Query Builder