Docker Privileged Container Kernel Escape Exploit

This Metasploit module performs a container escape onto the host as the daemon user. It takes advantage of the SYSMODULE capability. If that exists and the linux headers are available to compile on the target, then we can escape onto the host. This module requires Metasploit:...

Docker Privileged Container Kernel Escape

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker Privileged Container Kernel Escape', 'Description' = %q This module performs a container escape onto the host as the daemon user. It takes...

CVE-2024-2313

A flaw was found in BPFtrace. This issue occurs when extracting kernel headers, it tries to load them from a temporary directory. This issue could allow an attacker to force bpftrace to load compromised Linux headers by placing malicious headers in the temporary directory, leading to potential...

CVE-2024-2314

If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...

CVE-2024-2313

If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...

DEBIAN-CVE-2024-2314

If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...

CVE-2024-2314

CVE-2024-2314 concerns the bcc tool loading kernel headers from a temporary directory during header extraction. The vulnerability is locally exploitable by an unprivileged user who could coerce bcc into loading compromised headers. Affected products vary; Nessus/MIRACLE_LINUX and TencentOS/Tencen...

CVE-2024-2314

If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...

CVE-2024-2314

If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...

CVE-2024-2313

CVE-2024-2313 affects bpftrace (and related packages across several Linux distros). The issue arises when kernel headers must be extracted: bpftrace may load headers from a temporary directory, enabling an unprivileged user to force loading of compromised Linux headers. Local, high-privilege-seek...

CVE-2024-2313

If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...

CVE-2024-2313

If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...

CVE-2024-2314

If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...

qemu-kvm security update

6.1.1-6.el9 - Update changelog Karl Heubaum Orabug: 35343538 - ebpf: fix compatibility with libbpf 1.0+ Shreesh Adiga Orabug: 35268538 - ebpf: replace deprecated bpfprogramsetsocketfilter Haochen Tong Orabug: 35268538 - CVE-2023-1544 is not applicable to Oracle QEMU 6.1.1 Karl Heubaum Orabug:...

virt:kvm_utils2 security update

qemu-kvm 6.1.1-5-el8 - hw/pvrdma: Protect against buggy or malicious guest driver Yuval Shaia Orabug: 35064352 CVE-2022-1050 - hw/display/qxl: Assert memory slot fits in preallocated MemoryRegion Philippe Mathieu-Daude Orabug: 35060182 - hw/display/qxl: Avoid buffer overrun in qxlphys2virt...

Debian: Security Advisory (DLA-325-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

qemu security update

15:4.2.1-17.el7 - arm/acpi: fix an out of spec UID for PCI root Michael S. Tsirkin - arm/acpi: fix duplicated UID of PCI interrupt link devices Heyi Guo - arm/acpi: fix PCI PRT definition Heyi Guo - docs: fix references to docs/devel/atomics.rst Stefano Garzarella Orabug: 33659123 - rcu: do not...

SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2019:2955-1)

This update for qemu fixes the following issues : qemu was updated to v3.1.1.1, a stable, bug-fix-only release, which includes 2 fixes we already carry, as well as one additional use- after-free fix in slirp. CVE-2018-20126 bsc1119991, CVE-2019-14378 bsc1143794, and CVE-2019-15890 bsc1149811...

qemu security update

12:2.9.0-21.el7 - x86: Add mds feature Karl Heubaum - e1000: Never increment the RX undersize count register Chris Kenna - i386: Add some MSR based features on Cascadelake-Server CPU model Tao Xu Orabug: 29643540 - i386: Update stepping of Cascadelake-Server Tao Xu Orabug: 29643540 - kvm: Use...

CentOS Update for kernel CESA-2016:1539 centos7

Check the version of kernel SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882536";...