396 matches found
USN-2985-1 eglibc, glibc vulnerabilities
Martin Carpenter discovered that ptchown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose sensitive information. CVE-2013-2207, CVE-2016-2856 Robin Hack discovered that the Name Service Switch NSS...
CVE-2015-1350
The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service capability stripping via a failed invocation of a system call, as...
DEBIAN-CVE-2015-1350
The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service capability stripping via a failed invocation of a system call, as...
CVE-2015-1350
The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service capability stripping via a failed invocation of a system call, as...
UBUNTU-CVE-2015-1350
The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service capability stripping via a failed invocation of a system call, as...
Ubuntu 15.10 - PT Chown Arbitrary PTs Access Via User Namespace Privilege Escalation
Ubuntu 15.10 - PT Chown Arbitrary PTs Access Via User Namespace Privilege Escalation Source: http://www.halfdog.net/Security/2015/PtChownArbitraryPtsAccessViaUserNamespace/ Introduction Problem description: With Ubuntu Wily and earlier, /usr/lib/ptchown was used to change ownership of slave pts...
Ubuntu < 15.10 - PT Chown Arbitrary PTs Access Via User Namespace Privilege Escalation
Source: http://www.halfdog.net/Security/2015/PtChownArbitraryPtsAccessViaUserNamespace/ Introduction Problem description: With Ubuntu Wily and earlier, /usr/lib/ptchown was used to change ownership of slave pts devices in /dev/pts to the same uid holding the master file descriptor for the slave...
kernel: race condition between chown() and execve()
A race condition flaw was found between the chown and execve system calls. When changing the owner of a setuid user binary to root, the race condition could momentarily make the binary setuid root. A local, unprivileged user could potentially use this flaw to escalate their privileges on the syst...
kernel: race condition between chown() and execve()
A race condition flaw was found between the chown and execve system calls. When changing the owner of a setuid user binary to root, the race condition could momentarily make the binary setuid root. A local, unprivileged user could potentially use this flaw to escalate their privileges on the syst...
Ubuntu: Security Advisory (USN-2601-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apple Mac OSX Install.Framework - Arbitrary mkdir unlink and chown to Admin Group
Apple Mac OSX Install.Framework - Arbitrary mkdir unlink and chown to Admin Group Source: https://code.google.com/p/google-security-research/issues/detail?id=477 Install.framework has a suid root binary here: /System/Library/PrivateFrameworks/Install.framework/Resources/runner This binary vends t...
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20150722)
A flaw was found in the way Linux kernel's Transparent Huge Pages THP implementation handled non-huge page migration. A local, unprivileged user could use this flaw to crash the kernel by migrating transparent hugepages. CVE-2014-3940, Moderate A buffer overflow flaw was found in the way the Linu...
RedHat Update for kernel RHSA-2015:1272-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Synology Cloud Station Elevation of Privilege Vulnerability
Synology Cloud Station is a solution for synchronizing data between all devices using a cloud station. A security vulnerability in the clientchown tool in the Synology Cloud Station's synchronization client client for OS X-based platforms allows a local attacker to change the ownership of arbitra...
DEBIAN-CVE-2015-3339
Race condition in the preparebinprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped...
Race condition
Race condition in the preparebinprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped...
CVE-2015-3339
Race condition in the preparebinprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped...
Ubuntu 12.04 LTS : linux-lts-trusty vulnerability (USN-2597-2)
USN-2597-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the system could crash under certain conditions. This update fixes the problem. We apologize for the inconvenience. A race condition betwe...
Ubuntu 14.10 : linux regression (USN-2600-2)
USN-2600-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the system could crash under certain conditions. This update fixes the problem. We apologize for the inconvenience. A race condition betwe...
Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerability (USN-2599-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2599-2 advisory. USN-2599-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the...