Lucene search
K

200 matches found

OSV
OSV
added 2018/12/17 5:29 a.m.4 views

CVE-2018-20168

Google gVisor before 2018-08-22 reuses a pagetable in a different level with the paging-structure cache intact, which allows attackers to cause a denial of service "physical address not valid" panic via a crafted application...

5.5CVSS5.8AI score0.00279EPSS
Exploits0References1
Prion
Prion
added 2018/12/17 5:29 a.m.22 views

Code injection

Google gVisor before 2018-08-22 reuses a pagetable in a different level with the paging-structure cache intact, which allows attackers to cause a denial of service "physical address not valid" panic via a crafted application...

4.3CVSS5.3AI score0.00279EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/12/17 5:0 a.m.22 views

CVE-2018-20168

Google gVisor before 2018-08-22 reuses a pagetable in a different level with the paging-structure cache intact, which allows attackers to cause a denial of service "physical address not valid" panic via a crafted application...

5.4AI score0.00279EPSS
Exploits0References1
CVE
CVE
added 2018/12/17 5:0 a.m.50 views

CVE-2018-20168

CVE-2018-20168 affects Google gVisor prior to 2018-08-22. The vulnerability arises when a pagetable is reused across different levels while the paging-structure cache remains intact, enabling a crafted application to trigger a denial of service via a “physical address not valid” panic. The availa...

5.5CVSS5.3AI score0.00279EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2018/12/17 12:0 a.m.4 views

Google gVisor Denial of Service Vulnerability

Google gVisor is a user-space kernel written in the Go language for use in Linux systems. A denial of service vulnerability exists in versions of Google gVisor prior to 2018-08-22, which can be exploited by an attacker to cause a denial of service...

5.5CVSS6.6AI score0.00279EPSS
Exploits0References1
Veracode
Veracode
added 2018/11/19 5:45 a.m.24 views

Memory Overwrite

github.com/google/gvisor is vulnerable to memory overwrite attacks. The vulnerability through repeated calls of shmctlIPCRMID which forces a segment to be destroyed prematurely. This could be reused and accessible by a different process...

9.8CVSS9AI score0.00813EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2018/11/19 12:0 a.m.5 views

Google gVisor Elevation of Privilege Vulnerability

Google gVisor is a user-space kernel written in the Go language for use in Linux systems. A security vulnerability in the pkg/sentry/kernel/shm/shm.go file in versions of Google gVisor prior to 2018-11-01 stems from the program not handling reference counting correctly. An attacker could use the...

9.8CVSS9.3AI score0.00813EPSS
Exploits1References1
OSV
OSV
added 2018/11/17 5:29 p.m.19 views

CVE-2018-19333

pkg/sentry/kernel/shm/shm.go in Google gVisor before 2018-11-01 allows attackers to overwrite memory locations in processes running as root but not escape the sandbox via vectors involving IPCRMID shmctl calls, because reference counting is mishandled...

9.8CVSS6.6AI score
Exploits0References2
NVD
NVD
added 2018/11/17 5:29 p.m.25 views

CVE-2018-19333

pkg/sentry/kernel/shm/shm.go in Google gVisor before 2018-11-01 allows attackers to overwrite memory locations in processes running as root but not escape the sandbox via vectors involving IPCRMID shmctl calls, because reference counting is mishandled...

9.8CVSS9.2AI score0.00813EPSS
Exploits1References2
Prion
Prion
added 2018/11/17 5:29 p.m.25 views

Memory corruption

pkg/sentry/kernel/shm/shm.go in Google gVisor before 2018-11-01 allows attackers to overwrite memory locations in processes running as root but not escape the sandbox via vectors involving IPCRMID shmctl calls, because reference counting is mishandled...

7.5CVSS9AI score0.00813EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2018/11/17 5:0 p.m.28 views

CVE-2018-19333

pkg/sentry/kernel/shm/shm.go in Google gVisor before 2018-11-01 allows attackers to overwrite memory locations in processes running as root but not escape the sandbox via vectors involving IPCRMID shmctl calls, because reference counting is mishandled...

9.2AI score0.00813EPSS
Exploits1References2
CVE
CVE
added 2018/11/17 5:0 p.m.50 views

CVE-2018-19333

CVE-2018-19333 affects Google gVisor (pkg/sentry/kernel/shm/shm.go) prior to 2018-11-01. The issue arises from mishandled reference counting, allowing attackers to overwrite memory locations in processes running as root (but not escape the sandbox) via IPC_RMID shmctl-related vectors. This is a m...

9.8CVSS9.1AI score0.00813EPSS
Exploits1References2Affected Software1
0day.today
0day.today
added 2018/10/31 12:0 a.m.30 views

gVisor runsc Guest -> Host Breakout Via Filesystem Cache Desync

Exploit for linux platform in category dos / poc gVisor runsc guest-host breakout via filesystem cache desync The following writeup describes an attack that can be used to overwrite files in the host filesystem /etc/crontab in my PoC from inside a Docker container that uses gVisor's runsc. I test...

7AI score
Exploits0
CNVD
CNVD
added 2018/09/03 12:0 a.m.5 views

Google gVisor File Renaming Vulnerability

gVisor is Google's open source new sandbox container runtime environment . A file renaming vulnerability exists in Google gVisor. The vulnerability stems from Google gVisor's seccomp sandbox allowing access to the renameat system call. An attacker could exploit this vulnerability to rename files ...

7.1CVSS6.6AI score0.00452EPSS
Exploits0References1
Prion
Prion
added 2018/09/02 10:29 p.m.16 views

Design/Logic Flaw

Google gVisor before 2018-08-23, within the seccomp sandbox, permits access to the renameat system call, which allows attackers to rename files on the host OS...

7.1CVSS6.6AI score0.00452EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/09/02 10:29 p.m.22 views

CVE-2018-16359

Google gVisor before 2018-08-23, within the seccomp sandbox, permits access to the renameat system call, which allows attackers to rename files on the host OS...

7.1CVSS6.6AI score0.00452EPSS
Exploits0References2
OSV
OSV
added 2018/09/02 10:29 p.m.23 views

CVE-2018-16359

Google gVisor before 2018-08-23, within the seccomp sandbox, permits access to the renameat system call, which allows attackers to rename files on the host OS...

6.8CVSS6.8AI score
Exploits0References2
Cvelist
Cvelist
added 2018/09/02 10:0 p.m.27 views

CVE-2018-16359

Google gVisor before 2018-08-23, within the seccomp sandbox, permits access to the renameat system call, which allows attackers to rename files on the host OS...

6.6AI score0.00452EPSS
Exploits0References2
CVE
CVE
added 2018/09/02 10:0 p.m.53 views

CVE-2018-16359

Google gVisor prior to 2018-08-23 allows access to the renameat system call inside the seccomp sandbox, enabling attackers to rename files on the host OS. The issue is described consistently across multiple sources (NVD and CNVD variants). Affected component/function: gVisor’s seccomp sandbox. Ro...

7.1CVSS6.5AI score0.00452EPSS
Exploits0References2Affected Software1
0day.today
0day.today
added 2018/09/01 12:0 a.m.58 views

gVisor Sentry Invalid Access Vulnerability

gVisor Sentry permits access to the renameat syscall. As the sentry is not chrooted, it permits renaming files in the host system. gVisor sentry can call renameat The seccomp sandbox of the gVisor sentry permits access to the renameat syscall:...

0.1AI score
Exploits0
Rows per page
Query Builder