15 matches found
Astra Linux – Vulnerability in Linux, Linux 5.10
A NULL pointer dereference flaw was discovered in the btrfsrmdevice function in fs/btrfs/volumes.c within the Linux Kernel. Triggering this bug requires ‘CAPSYSADMIN’. This flaw allows a local attacker to crash the system or leak internal kernel information. The greatest threat posed by this...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
Linux Kernel nftables: Vulnerability involving local privilege escalation after free operations; nftchainlookupbyid fails to check whether a chain is active, and CAPNETADMIN is present in any user or network namespace...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_11
This update for kernel-livepatch-MICRO-6-0-RTUpdate11 fixes the following issues: CVE-2025-38566: sunrpc: fix handling of server side tls alerts bsc1248376 CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc1248673 CVE-2025-38678: netfilter: nftables:...
SUSE-SU-2025:3734-1 Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005583 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...
SUSE-SU-2025:3731-1 Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005591 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...
SUSE-SU-2025:3679-1 Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024144 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...
CVE-2025-38499
In the Linux kernel, the following vulnerability has been resolved: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be able to undo" may be a...
CVE-2025-38499 clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns
In the Linux kernel, the following vulnerability has been resolved: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be able to undo" may be a...
SUSE CVE-2025-37814
In the Linux kernel, the following vulnerability has been resolved: tty: Require CAPSYSADMIN for all usages of TIOCLSELMOUSEREPORT This requirement was overeagerly loosened in commit 2f83e38a095f "tty: Permit some TIOCLSETSEL modes without CAPSYSADMIN", but as it turns out, 1 the logic I...
UBUNTU-CVE-2023-7192
A memory leak problem was found in ctnetlinkcreateconntrack in net/netfilter/nfconntracknetlink.c in the Linux Kernel. This issue may allow a local attacker with CAPNETADMIN privileges to cause a denial of service DoS attack due to a refcount overflow...
The vulnerability of the CAP_SYS_ADMIN mode of the interactive platform for studying containerization in Play With Docker (PWD) allows a hacker to elevate their privileges and escape from an isolated environment.
The vulnerability of the CAPSYSADMIN mode of the interactive platform for the Play With Docker PWD study involves deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges and escape from an isolated environment...
DEBIAN-CVE-2023-39189
A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnlosfaddcallback function did not validate the user mode controlled optnum field. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, leading to a crash or information disclosure...
Linux kernel 代码问题漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel, which stems from a NULL pointer dereference flaw found in the ipv4 stack, which can be exploited by a local attack...
SUSE CVE-2013-3301
The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by leveraging the CAPSYSADMIN capability for write access to the 1 setftracepid or 2 setgraphfunction file...
The vulnerability of the Linux operating system, which allows a malicious individual to increase their privileges
Local users with the privilege of CAPSYSADMIN can enhance their privileges by using the aacraid driver for storage from various manufacturers...