Moderate: Red Hat Security Advisory: systemd security, bug fix, and enhancement update

An update for systemd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

EulerOS Virtualization 3.0.2.2 : kernel (EulerOS-SA-2020-1452)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic...

openSUSE Security Update : cni / cni-plugins / conmon / etc (openSUSE-2020-398)

This update for cni, cni-plugins, conmon, fuse-overlayfs, podman fixes the following issues : podman was updated to 1.8.0 : - CVE-2019-18466: Fixed a bug where podman cp would improperly copy files on the host when copying a symlink in the container that included a glob operator 3829 bsc1155217 -...

openSUSE Security Update : python-azure-agent (openSUSE-2020-261)

This update for python-azure-agent fixes the following issues : python-azure-agent was updated to version 2.2.45 jscECO-80 + Add support for Gen2 VM resource disks + Use alternate systemd detection + Fix /proc/net/route requirement that causes errors on FreeBSD + Add cloud-init auto-detect to...

openSUSE: Security Advisory for python-azure-agent (openSUSE-SU-2020:0261-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for python-azure-agent (moderate)

openSUSE Security Update: Security update for python-azure-agent Announcement ID: openSUSE-SU-2020:0261-1 Rating: moderate References: 1127838 Cross-References: CVE-2019-0804 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update fo...

Moderate: Red Hat Security Advisory: systemd security update

An update for systemd is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impa...

RHEL 8 : systemd (RHSA-2019:3592)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3592 advisory. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive...

container-tools:rhel8 bug fix update

Bug Fixes: race/corruption: podman failed to launch containers BZ1741110 podman exec can fail with "failed to write ... to cgroup.procs invalid argument" BZ1743163...

Docker - Container Escape Exploit

Exploit for linux platform in category local exploits Docker - Container Escape Exploit On the host docker run --rm -it --cap-add=SYSADMIN --security-opt apparmor=unconfined ubuntu bash In the container mkdir /tmp/cgrp && mount -t cgroup -o rdma cgroup /tmp/cgrp && mkdir /tmp/cgrp/x echo 1...

Important: Red Hat Security Advisory: systemd security and bug fix update

An update for systemd is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Privilege Escalation

rkt is vulnerable to privilege escalation attacks. Processes generated with the rkt enter command run with escalated capabilities, without seccomp filtering, and are not limited by cgroups which leads to the privilege escalation vulnerability. Affected component is Process Handler...

Important: Red Hat Security Advisory: systemd security and bug fix update

An update for systemd is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2019-10147

rkt through version 1.30.0 does not isolate processes in containers that are run with rkt enter. Processes run with rkt enter are not limited by cgroups during stage 2 the actual environment in which the applications run. Compromised containers could exploit this flaw to access host resources...

CVE-2019-10147

rkt through version 1.30.0 does not isolate processes in containers that are run with rkt enter. Processes run with rkt enter are not limited by cgroups during stage 2 the actual environment in which the applications run. Compromised containers could exploit this flaw to access host resources...

Design/Logic Flaw

rkt through version 1.30.0 does not isolate processes in containers that are run with rkt enter. Processes run with rkt enter are not limited by cgroups during stage 2 the actual environment in which the applications run. Compromised containers could exploit this flaw to access host resources...

UBUNTU-CVE-2019-10147

rkt through version 1.30.0 does not isolate processes in containers that are run with rkt enter. Processes run with rkt enter are not limited by cgroups during stage 2 the actual environment in which the applications run. Compromised containers could exploit this flaw to access host resources...

CVE-2019-10147

CVE-2019-10147 affects rkt (through version 1.30.0). The issue is that containers started with rkt enter are not isolated by cgroups during stage 2, allowing processes run within those containers to access host resources. The connected documents reiterate that this limitation can enable compromis...

Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3981-2)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3981-2 advisory. USN-3981-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3982-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3982-1 advisory. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa...