203 matches found
CVE-2021-3631
CVE-2021-3631 affects libvirt: flaw in SELinux MCS category pair generation for VM dynamic labels allows a guest to access files labeled for another guest, breaking sVirt confinement and impacting confidentiality/integrity. Connected advisories confirm libvirt remediation via package upgrades (no...
Access Restriction Bypass
Overview Affected versions of this package are vulnerable to Access Restriction Bypass due to failure to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layou...
Access Restriction Bypass
Overview Affected versions of this package are vulnerable to Access Restriction Bypass due to failure to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layou...
Access Restriction Bypass
Overview Affected versions of this package are vulnerable to Access Restriction Bypass due to failure to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layou...
USN-5292-2 snapd vulnerabilities
USN-5292-1 fixed vulnerabilities in snapd. This update provides the corresponding update for the riscv64 architecture. Original advisory details: James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this issue to...
Ubuntu 20.04 LTS : snapd vulnerabilities (USN-5292-2)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5292-2 advisory. USN-5292-1 fixed vulnerabilities in snapd. This update provides the corresponding update for the riscv64 architecture. Tenable has extracted the precedin...
CVE-2021-4120
snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions...
CVE-2021-4120
snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions...
DEBIAN-CVE-2021-4120
snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions...
Design/Logic Flaw
snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions...
CVE-2021-4120
CVE-2021-4120 affects snapd 2.54.2, where insufficient validation of snap content interface and layout paths allows a snap to inject arbitrary AppArmor policy rules and escape strict snap confinement. The underlying issue is in the content interface and layout declarations, enabling bypass of con...
CVE-2021-4120 snapd could be made to bypass intended access restrictions through snap content interfaces and layout paths
snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions...
CVE-2021-4120
snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions...
Ubuntu 18.04 LTS / 20.04 LTS : snapd vulnerabilities (USN-5292-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5292-1 advisory. James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this...
selinux-policy bug fix and enhancement update
The selinux-policy packages contain the rules that govern how confined processes run on the system. Bug Fixes and Enhancements: RHEL 8.4 Backport container-selinux policy to allow spct domains to set bpf rules on any domain BZ2015846 AVC prevents ping -I from running in UBI 8 container BZ2027691...
USN-5191-1 flatpak vulnerability
It was discovered that Flatpak incorrectly handled certain AFUNIX sockets. An attacker could use this to specially craft a Flatpak application that could escape sandbox confinement...
USN-5191-1: Flatpak vulnerability
It was discovered that Flatpak incorrectly handled certain AFUNIX sockets. An attacker could use this to specially craft a Flatpak application that could escape sandbox confinement...
OESA-2021-1385 libvirt security update
Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: An improper locking issue was found in the virStoragePoolLookupByTargetPath API o...
libvirt: Insecure sVirt label generation
A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality a...
openSUSE 15 Security Update : libvirt (openSUSE-SU-2021:1119-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1119-1 advisory. - A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access...