Lucene search
K

691 matches found

Vulnrichment
Vulnrichment
added 2024/05/21 3:30 p.m.17 views

CVE-2023-52779 fs: Pass AT_GETATTR_NOSEC flag to getattr interface function

In the Linux kernel, the following vulnerability has been resolved: fs: Pass ATGETATTRNOSEC flag to getattr interface function When vfsgetattrnosec calls a filesystem's getattr interface function then the 'nosec' should propagate into this function so that vfsgetattrnosec can again be called from...

6.8AI score0.00208EPSS
Exploits0References2
CVE
CVE
added 2024/05/21 3:30 p.m.71 views

CVE-2023-52779

CVE-2023-52779 describes a Linux kernel issue where vfs_getattr_nosec() could end up invoking vfs_getattr() in certain filesystems (notably overlayfs and ecryptfs), which could lead to a NULL pointer dereference due to security_inode_getattr() on a process with no current->fs. The patch introd...

5.5CVSS5.2AI score0.00208EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2024/05/21 3:30 p.m.22 views

CVE-2023-52779

In the Linux kernel, the following vulnerability has been resolved: fs: Pass ATGETATTRNOSEC flag to getattr interface function When vfsgetattrnosec calls a filesystem's getattr interface function then the 'nosec' should propagate into this function so that vfsgetattrnosec can again be called from...

5.5CVSS5.3AI score0.00208EPSS
Exploits0
OSV
OSV
added 2024/05/21 3:30 p.m.14 views

CVE-2023-52779 fs: Pass AT_GETATTR_NOSEC flag to getattr interface function

In the Linux kernel, the following vulnerability has been resolved: fs: Pass ATGETATTRNOSEC flag to getattr interface function When vfsgetattrnosec calls a filesystem's getattr interface function then the 'nosec' should propagate into this function so that vfsgetattrnosec can again be called from...

5.5CVSS5AI score0.00208EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.18 views

Oracle Linux 5 : ecryptfs-utils (ELSA-2009-1307)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2009-1307 advisory. 75-4 - fix EOF handling 499367 - add icon to gui desktop file 75-3 - ask for password confirmation when creating openssl key 500850 - removed executable...

7.2CVSS5.6AI score0.00386EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.17 views

Debian: Security Advisory (DLA-397-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS8.4AI score0.00368EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2023/02/21 6:9 p.m.30 views

K16381: Linux kernel vulnerability CVE-2014-9683

Security Advisory Description Off-by-one error in the ecryptfsdecodefromfilename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service buffer overflow and system crash or possibly gain privileges via a crafted...

3.6CVSS6.5AI score0.00447EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 6:6 a.m.4 views

SUSE CVE-2008-5188

The 1 ecryptfs-setup-private, 2 ecryptfs-setup-confidential, and 3 ecryptfs-setup-pam-wrapped.sh scripts in ecryptfs-utils 45 through 61 in eCryptfs place cleartext passwords on command lines, which allows local users to obtain sensitive information by listing the process...

7.2CVSS6.5AI score0.00386EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:5 a.m.1 views

SUSE CVE-2009-0269

fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service fault or memory corruption, or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array...

4.9CVSS6.7AI score0.00502EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.5 views

SUSE CVE-2009-0787

The ecryptfswritemetadatatocontents function in the eCryptfs functionality in the Linux kernel 2.6.28 before 2.6.28.9 uses an incorrect size when writing kernel memory to an eCryptfs file header, which triggers an out-of-bounds read and allows local users to obtain portions of kernel memory...

4.9CVSS6.3AI score0.00389EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:3 a.m.4 views

SUSE CVE-2009-2407

Heap-based buffer overflow in the parsetag3packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service system crash or possibly gain privileges via vectors involving a crafted eCryptfs file, related to a...

6.9CVSS7.1AI score0.00594EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:3 a.m.2 views

SUSE CVE-2009-2406

Stack-based buffer overflow in the parsetag11packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service system crash or possibly gain privileges via vectors involving a crafted eCryptfs file, related to n...

6.9CVSS7.1AI score0.00498EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:2 a.m.2 views

SUSE CVE-2009-2908

The ddelete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service kernel OOPS and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a...

4.9CVSS7.2AI score0.01223EPSS
Exploits2References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:58 a.m.1 views

SUSE CVE-2010-2492

Buffer overflow in the ecryptfsuidhash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service system crash via unspecified vectors...

7.8CVSS6.9AI score0.00434EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.3 views

SUSE CVE-2011-1831

utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call...

4.6CVSS6.7AI score0.00366EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.2 views

SUSE CVE-2011-1833

Race condition in the ecryptfsmount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfsprivate mount with a mismatched uid...

3.3CVSS6.2AI score0.00358EPSS
Exploits2References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.4 views

SUSE CVE-2011-1832

utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call...

2.1CVSS6.6AI score0.00382EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.6 views

SUSE CVE-2011-1834

utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service table corruption or bypass intended unmounting restrictions via a umount system call...

2.1CVSS6.5AI score0.00382EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.3 views

SUSE CVE-2011-1836

utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process...

4.6CVSS6.6AI score0.00378EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.6 views

SUSE CVE-2011-1835

The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps...

4.4CVSS6.6AI score0.00352EPSS
Exploits0References5
Rows per page
Query Builder