EUVD-2017-7732

Malware in sbrugna...

GHSA-VFJC-2QCW-J95J Docker Moby /proc/scsi Path Exposure Allows Host Data Loss (SCSI MICDROP)

The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss when certain older Linux kernels are used by leveraging Docker container access to write a "scsi remove-single-device" line to...

Mageia: Security Advisory (MGASA-2018-0398)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Docker Moby Design Vulnerability

Docker Moby is a framework for installing systems in containers. A security vulnerability in the 'DefaultLinuxSpec' function in the oci/defaults.go file in Docker Moby 17.03.2-ce and prior versions stems from the program failing to block /proc/scsi pathnames. An attacker could exploit this...

CVE-2017-16539

The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss when certain older Linux kernels are used by leveraging Docker container access to write a "scsi remove-single-device" line to...

CVE-2017-16539

The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss when certain older Linux kernels are used by leveraging Docker container access to write a "scsi remove-single-device" line to...

CVE-2017-16539

The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss when certain older Linux kernels are used by leveraging Docker container access to write a "scsi remove-single-device" line to...

Design/Logic Flaw

The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss when certain older Linux kernels are used by leveraging Docker container access to write a "scsi remove-single-device" line to...

CVE-2017-16539

The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss when certain older Linux kernels are used by leveraging Docker container access to write a "scsi remove-single-device" line to...

CVE-2017-16539

The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss when certain older Linux kernels are used by leveraging Docker container access to write a "scsi remove-single-device" line to...

CVE-2017-16539

The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss when certain older Linux kernels are used by leveraging Docker container access to write a "scsi remove-single-device" line to...