FreeBSD Security Advisory - FreeBSD-SA-26:02.jail

FreeBSD Security Advisory - By default, jailed processes cannot mount filesystems, including nullfs4. However, the allow.mount.nullfs option enables mounting nullfs filesystems, subject to privilege checks. If a privileged user within a jail is able to nullfs-mount directories, a limitation of th...

Design/Logic Flaw

Apptainer is an open source container platform. Version 1.2.0-rc.2 introduced an ineffective privilege drop when requesting container network setup, therefore subsequent functions are called with root privileges, the attack surface is rather limited for users but an attacker could possibly craft ...

CVE-2023-38496 Apptainer's ineffective privileges drop when requesting container network

Apptainer is an open source container platform. Version 1.2.0-rc.2 introduced an ineffective privilege drop when requesting container network setup, therefore subsequent functions are called with root privileges, the attack surface is rather limited for users but an attacker could possibly craft ...

Ineffective privileges drop when requesting container network

Impact Fix https://github.com/apptainer/apptainer/pull/1523 included in Apptainer 1.2.0-rc.2 has introduced an ineffective privilege drop when requesting container network setup, therefore subsequent functions are called with root privileges. The attack surface is rather limited for users but an...

PT-2020-3712 · Google +1 · Google Cloud +1

Name of the Vulnerable Software and Affected Versions: Google Cloud OS guest-oslogin versions 20190304 through 20200507 Description: The issue is related to incorrect default permission settings in the guest-oslogin feature of Google Cloud OS. This allows an attacker to escalate privileges to roo...