runc: file descriptor leak

A file descriptor leak issue was found in the runc package. While a user performs OCLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd2, which means that the reference can be kept alive in the container by configuring the working...

SUSE CVE-2006-3626

Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PRSETDUMPABLE in a way that causes /proc/self/environ to become setuid root...

SUSE CVE-2016-8659

Bubblewrap before 0.1.3 sets the PRSETDUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket...

SUSE CVE-2021-3864

A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a...

DEBIAN-CVE-2022-4415

A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suiddumpable kernel setting...

DEBIAN-CVE-2021-3864

A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a...

CVE-2021-3864

A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a...

Design/Logic Flaw

A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a...

UBUNTU-CVE-2021-3864

A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a...

CVE-2021-3864

A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a...

CVE-2021-3864

A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a...

Linux kernel 访问控制错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a flaw found in the way certain SUID binaries handle dumpable flag settings when executing their descendants...

DEBIAN-CVE-2016-8659

Bubblewrap before 0.1.3 sets the PRSETDUMPABLE flag, which might allow local users to gain privileges by attaching to the process, as demonstrated by sending commands to a PrivSep socket...

kernel: exec/ptrace: get_dumpable() incorrect tests

A flaw was found in the way the getdumpable function return value was interpreted in the ptrace subsystem of the Linux kernel. When 'fs.suiddumpable' was set to 2, a local, unprivileged local user could use this flaw to bypass intended ptrace restrictions and obtain potentially sensitive...

kernel: exec/ptrace: get_dumpable() incorrect tests

A flaw was found in the way the getdumpable function return value was interpreted in the ptrace subsystem of the Linux kernel. When 'fs.suiddumpable' was set to 2, a local, unprivileged local user could use this flaw to bypass intended ptrace restrictions and obtain potentially sensitive...

security flaw

Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PRSETDUMPABLE in a way that causes /proc/self/environ to become setuid root...