CVE-2025-59044

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Himmelblau 0.9.x derives numeric GIDs for Entra ID groups from the group display name when himmelblau.conf idattrmap = name the default configuration. Because Microsoft Entra ID allows multiple groups with the same...

Exploit for CVE-2022-37708

Docker Lightman Exploit Docker CVE-2022-37708. This exploit r...

Linux - Broken uid/gid Mapping for Nested User Namespaces

commit 6397fac4915a "userns: bump idmap limits to 340" increases the number of possible uid/gid mappings that a namespace can have from 5 to 340. This is implemented by switching to a different data structure if the number of mappings exceeds 5: Instead of linear search over an unsorted array of...

Linux - Broken uid/gid Mapping for Nested User Namespaces Exploit

Exploit for linux platform in category local exploits Linux - Broken uid/gid Mapping for Nested User Namespaces Exploit commit 6397fac4915a "userns: bump idmap limits to 340" increases the number of possible uid/gid mappings that a namespace can have from 5 to 340. This is implemented by switchin...

SUSE-SU-2016:1038-1 Security update for Linux Kernel Live Patch 6

This update for the Linux Kernel 3.12.44-52.10.1 fixes the following issues: - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. bsc967773 - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kerne...

SUSE-SU-2016:1033-1 Security update for Linux Kernel Live Patch 3 for SP 1

This update for the Linux Kernel 3.12.53-60.30.1 fixes the following issues: - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. bsc967773 - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kerne...

SUSE-SU-2016:1034-1 Security update for Linux Kernel Live Patch 11

This update for the Linux Kernel 3.12.51-52.39.1 fixes the following issues: - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. bsc967773 - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kerne...

CVE-2015-8709

kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor...

CVE-2015-8709

kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor...

Scientific Linux Security Update : sssd on SL7.x x86_64 (20151119)

It was found that SSSD's Privilege Attribute Certificate PAC responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon...

libipa_hbac, libsss_idmap, libsss_nss_idmap, libsss_simpleifp, python, sssd security update

CentOS Errata and Security Advisory CESA-2015:2355 Updated sssd packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability...

RedHat Update for sssd RHSA-2015:2355-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Low: Red Hat Security Advisory: sssd security, bug fix, and enhancement update

Updated sssd packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...