A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.

...

UBUNTU-CVE-2022-4378

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...

Attackers Escape Kubernetes Containers using “cr8escape” Vulnerability in CRI-O

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. A flaw in CRI-O, an open-source Linux implementation of Kubernetes Container Runtime Interface CRI, was discovered that may allow an attacker to gain remote control of servers and potentially poison the container with attack...

GHSA-6X2M-W449-QWX7 Code Injection in CRI-O

Impact A flaw introduced in CRI-O version 1.19 which an attacker can use to bypass the safeguards and set arbitrary kernel parameters on the host. As a result, anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime can abuse the kernel.corepattern kernel parameter ...

cri-o 代码注入漏洞

cri-o is a lightweight container runtime environment for the Kubernetes system. A code injection vulnerability exists in cri-o that can be exploited by an attacker to bypass protections and set arbitrary kernel parameters on the host...

Low: Red Hat Security Advisory: RHV Manager (ovirt-engine) security update [ovirt-4.4.10-1]

Updated ovirt-engine packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

SUSE: Security Advisory (SUSE-SU-2021:3611-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:3348-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2021:3170-1 Security update for SUSE Manager Server 4.2

This update fixes the following issues: branch-network-formula: - Use kernel parameters from PXE formula also for local boot cobbler - security issues fixed: - CVE-2021-40323: Fixed an arbitrary file disclosure/Template Injection bsc1189458 - CVE-2021-40324: Fixed an arbitrary file write bsc11894...

Cisco Elastic Services Controller 资源管理错误漏洞

The Cisco Elastic Services Controller ESC is a virtual network function manager VNFM that manages the lifecycle of virtual network functions VNFs. A denial of service vulnerability exists in system resource management in Cisco Elastic Services Controller 5.3.0.94 and earlier. The vulnerability...

Linux: Read sysctl variables (KB)

sysctl is used to modify kernel parameters at runtime. The parameters available are those listed under /proc/sys/. Procfs is required for sysctl support in Linux. You can use sysctl to both read and write sysctl data. Note: This script only stores information for other Policy Controls. Copyright ...