14 matches found
CVE-2022-29800
A time-of-check-time-of-use TOCTOU race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes...
CVE-2022-29800
A time-of-check-time-of-use TOCTOU race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes...
CVE-2022-29800
CVE-2022-29800 describes a TOCTOU race in networkd-dispatcher where there is a window between script discovery and execution. An attacker could replace scripts that networkd-dispatcher believes are owned by root with untrusted ones, enabling local privilege escalation and potentially arbitrary co...
CVE-2022-29800
A time-of-check-time-of-use TOCTOU race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes...
CVE-2022-29800
A time-of-check-time-of-use TOCTOU race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes...
USN-5395-1: networkd-dispatcher vulnerabilities | Cloud Foundry
Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that networkd-dispatcher incorrectly handled internal scripts. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code...
USN-5395-2: networkd-dispatcher regression | Cloud Foundry
Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description USN-5395-1 fixed vulnerabilities in networkd-dispatcher. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for the inconvenience. Origina...
Ubuntu: Security Advisory (USN-5395-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-29800
A time-of-check-time-of-use TOCTOU race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a specific time between discovering and running the script. This flaw allows an attacker to replace scripts that networkd-dispatcher believes to be owned by root wit...
Ubuntu: Security Advisory (USN-5395-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5395-1: networkd-dispatcher vulnerabilities
It was discovered that networkd-dispatcher incorrectly handled internal scripts. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code. CVE-2022-29799, CVE-2022-29800...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : networkd-dispatcher vulnerabilities (USN-5395-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5395-1 advisory. It was discovered that networkd-dispatcher incorrectly handled internal scripts. A local attacker could possibly use this issue t...
Microsoft Discovers New Privilege Escalation Flaws in Linux Operating System
Microsoft on Tuesday disclosed a set of two privilege escalation vulnerabilities in the Linux operating system that could potentially allow threat actors to carry out an array of nefarious activities. Collectively called "Nimbuspwn," the flaws "can be chained together to gain root privileges on...
Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn
Microsoft has discovered several vulnerabilities, collectively referred to as Nimbuspwn, that could allow an attacker to elevate privileges to root on many Linux desktop endpoints. The vulnerabilities can be chained together to gain root privileges on Linux systems, allowing attackers to deploy...