30 matches found
EUVD-2013-1861
Malware in sbrugna...
EUVD-2014-2705
Malware in sbrugna...
EUVD-2009-0040
Malware in sbrugna...
SUSE CVE-2013-1858
The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONENEWUSER and CLONEFS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child...
SUSE CVE-2013-1956
The createuserns function in kernel/usernamespace.c in the Linux kernel before 3.8.6 does not check whether a chroot directory exists that differs from the namespace root directory, which allows local users to bypass intended filesystem restrictions via a crafted clone system call...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. A deficiency in the clone system call when called with the CLONEPARENT flag permits the caller the parent process to indicate an arbitrary signal it wants to receive when its child process exits. This could lead to a denial of service of the parent proce...
UBUNTU-CVE-2013-1956
The createuserns function in kernel/usernamespace.c in the Linux kernel before 3.8.6 does not check whether a chroot directory exists that differs from the namespace root directory, which allows local users to bypass intended filesystem restrictions via a crafted clone system call...
Design/Logic Flaw
The createuserns function in kernel/usernamespace.c in the Linux kernel before 3.8.6 does not check whether a chroot directory exists that differs from the namespace root directory, which allows local users to bypass intended filesystem restrictions via a crafted clone system call...
CVE-2013-1956
The createuserns function in kernel/usernamespace.c in the Linux kernel before 3.8.6 does not check whether a chroot directory exists that differs from the namespace root directory, which allows local users to bypass intended filesystem restrictions via a crafted clone system call...
CVE-2013-1956
The createuserns function in kernel/usernamespace.c in the Linux kernel before 3.8.6 does not check whether a chroot directory exists that differs from the namespace root directory, which allows local users to bypass intended filesystem restrictions via a crafted clone system call...
CVE-2013-1956
The CVE-2013-1956 issue affects the Linux kernel prior to 3.8.6, where create_user_ns in kernel/user_namespace.c may bypass filesystem restrictions by not verifying that a chroot directory differs from the namespace root during a crafted clone system call. This violation could allow local users t...
CVE-2013-1956
The createuserns function in kernel/usernamespace.c in the Linux kernel before 3.8.6 does not check whether a chroot directory exists that differs from the namespace root directory, which allows local users to bypass intended filesystem restrictions via a crafted clone system call...
PT-2013-3489 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.8.6 Description: The issue allows local users to bypass intended filesystem restrictions. This is due to the create user ns function in kernel/user namespace.c not checking whether a chroot directory exists th...
Design/Logic Flaw
The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONENEWUSER and CLONEFS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child...
CVE-2013-1858
The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONENEWUSER and CLONEFS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child...
CVE-2013-1858
The CVE-2013-1858 issue affects the Linux kernel prior to 3.8.3, where the clone system-call mishandles a combination of CLONE_NEWUSER and CLONE_FS. This enables local users to escalate privileges by calling chroot and taking advantage of the sharing of the / directory between a parent process an...
PT-2013-3436 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.8.3 Description: The issue allows local users to gain privileges by exploiting a flaw in the clone system-call implementation. This is achieved by calling chroot and leveraging the sharing of the / directory...
kernel: execve: must clear current->clear_child_tid
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current-clearchildtid pointer, which allows local users to cause a denial of service memory corruption or possibly gain privileges via a clone system call with CLONECHILDSETTID or...
Memory corruption
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current-clearchildtid pointer, which allows local users to cause a denial of service memory corruption or possibly gain privileges via a clone system call with CLONECHILDSETTID or...
CVE-2009-2848
CVE-2009-2848 is confirmed in connected material as applicable to MiracleLinux kernel package 2.6.18-128.10AXS3, aligning with the Linux kernel vulnerability where execve does not properly clear current->clear_child_tid during thread creation/exit. This misbehavior can enable local users to ca...