16 matches found
Ubuntu 20.04 LTS : Linux kernel (GCP) vulnerabilities (USN-8297-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8297-1 advisory. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission chec...
USN-8255-1 linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-azure, linux-azure-fips, linux-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-igx, linux-oracle, linux-realtime vulnerabilities
Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...
Exploit for Incorrect Authorization in Canonical Ubuntu_Linux
CVE-2023-32629 — OverlayFS Local Full Privilege Escalation Ove...
Linux Distros Unpatched Vulnerability : CVE-2023-32629
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovlcopyupmetainodedata skip permission checks when calling ovldosetxattr on Ubuntu kernels...
Exploit for Incorrect Authorization in Canonical Ubuntu_Linux
Ubuntu Privilege Escalation: CVE-2023-2640 and CVE-2023-32629...
Exploit for Incorrect Authorization in Canonical Ubuntu_Linux
Check for CVE-2023-32629 GameOverlay Script Overview: Th...
CVE-2023-32629
A flaw was found in the Linux Kernel where the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. This flaw allows a local attacker to gain elevated privileges due to skipped permission in checking for trusted.overlayfs. xattrs...
Ubuntu 20.04 LTS : Linux kernel (IoT) vulnerabilities (USN-6261-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6261-1 advisory. It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bound...
CVE-2023-32629
creationtimestamp| type| source ---|---|--- 2023-07-27 15:32:19+00:00| published-proof-of-concept| https://t.me/sysodmins/18938 2023-07-27 15:34:09+00:00| seen| https://t.me/thehackernews/3659 2023-07-27 17:41:47+00:00| seen| https://t.me/informationsecuritychannel/50345 2023-07-28 10:40:05+00:00...
GameOver(lay): Two Severe Linux Vulnerabilities Impact 40% of Ubuntu Users
Cybersecurity researchers have disclosed two high-severity security flaws in the Ubuntu kernel that could pave the way for local privilege escalation attacks. Cloud security firm Wiz, in a report shared with The Hacker News, said the easy-to-exploit shortcomings have the potential to impact 40% o...
CVE-2023-32629
Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovlcopyupmetainodedata skip permission checks when calling ovldosetxattr on Ubuntu kernels...
CVE-2023-32629
Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovlcopyupmetainodedata skip permission checks when calling ovldosetxattr on Ubuntu kernels...
CVE-2023-32629
CVE-2023-32629 is an OverlayFS local privilege escalation in Ubuntu kernels. The issue arises when OverlayFS copy-up uses host credentials while preserving xattrs, allowing an unprivileged user (with user namespaces) to gain real root outside the namespace by exploiting a trusted cap_setuid xattr...
Ubuntu 18.04 ESM / 20.04 LTS : Linux kernel vulnerabilities (USN-6251-1)
The remote Ubuntu 18.04 ESM / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6251-1 advisory. It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an...
Ubuntu: Security Advisory (USN-6250-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6248-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...