MGASA-2021-0282 Updated kernel packages fix security and other issues

The kernel update in MGASA-2021-0257 contained some security fixes that caused regressions in at least some container and chroot setups. This update provides upstream 5.10.45 that adds follow-up fixes to resolve the regressions and other various security-related and other bugfixes. For more info...

SUSE: Security Advisory (SUSE-SU-2019:2030-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora has an unspecified vulnerability

Fedora is a set of Linux operating systems from the Fedora community. A security vulnerability exists in Fedora's Mounting /proc filesystem, which can be exploited by an attacker to bypass the chroot environment and gain write access to files...

DEBIAN-CVE-2008-2544

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise...

CVE-2008-2544

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise...

CVE-2008-2544

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise...

CVE-2008-2544

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise...

Command injection

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise...

CVE-2008-2544

CVE-2008-2544 describes a local bypass where mounting the /proc filesystem inside a chroot can occur in read-write mode, allowing a user to bypass the chroot and gain write access to files they would not normally access. The connected documents reiterate the same description but do not provide pr...

CVE-2008-2544

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise...

CVE-2008-2544

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise...

Fedora 安全漏洞

Fedora is a set of Linux operating systems from the Fedora community. A security vulnerability exists in Fedora's Mounting /proc filesystem, which can be exploited by an attacker to bypass the chroot environment and gain write access to files...

CVE-2020-7468

In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a ftpd8 bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be used to escape the...

SYS.1.3.A10

Dienste und Anwendungen SOLLTEN mit einer individuellen Sicherheitsarchitektur geschuetzt werden z. B. mit AppArmor oder SELinux. Auch chroot-Umgebungen sowie LXC- oder Docker-Container SOLLTEN dabei beruecksichtigt werden. Es SOLLTE sichergestellt sein, dass mitgelieferte Standardprofile bzw...

container-tools:2.0 security update

buildah 1.11.6-8.0.1 - Reduce unnecessary writable mounts in NaiveDiffDriver Orabug: 31025483 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-8 - exclude i686 arch - Related: 1821193 1.11.6-7 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file...

CVE-2020-20277

There are multiple unauthenticated directory traversal vulnerabilities in different FTP commands in uftpd FTP server versions 2.7 to 2.10 due to improper implementation of a chroot jail in common.c's composeabspath function that can be abused to read or write to arbitrary files on the filesystem,...

Directory traversal

There are multiple unauthenticated directory traversal vulnerabilities in different FTP commands in uftpd FTP server versions 2.7 to 2.10 due to improper implementation of a chroot jail in common.c's composeabspath function that can be abused to read or write to arbitrary files on the filesystem,...

CVE-2020-20277

There are multiple unauthenticated directory traversal vulnerabilities in different FTP commands in uftpd FTP server versions 2.7 to 2.10 due to improper implementation of a chroot jail in common.c's composeabspath function that can be abused to read or write to arbitrary files on the filesystem,...

PT-2020-15252 · Uftpd · Uftpd

Name of the Vulnerable Software and Affected Versions: uftpd FTP server versions 2.7 to 2.10 Description: The issue arises from improper implementation of a chroot jail in the compose abspath function in common.c, leading to multiple unauthenticated directory traversal vulnerabilities in differen...

chroot in GNU coreutils when used with --userspec allows local users to escape to the parent session via a crafted TIOCSTI ioctl call which pushes characters to the terminal's input buffer.

...