8 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-3492
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copyfromuser correctly. These cou...
LSN-0077-1: Kernel Live Patch Security Notice
Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copyfromuser when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service memory exhaustion or execute arbitrary...
CVE-2021-3492 Ubuntu linux kernel shiftfs file system double free vulnerability
Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copyfromuser correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service kerne...
CVE-2021-3492
A flaw use after free or use before allocation in the Linux kernel Shiftfs file-system was found in the way user calls one of the few ioctls. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...
Ubuntu: Security Advisory (USN-4915-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-4917-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4917-1: Linux kernel vulnerabilities
It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. CVE-2021-3493 Vincent Dehors discovered that the shiftfs file...
USN-4915-1: Linux kernel (OEM) vulnerabilities
It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. CVE-2021-3493 Vincent Dehors discovered that the shiftfs file...