CVE-2022-32250

net/netfilter/nftablesapi.c in the Linux kernel through 5.18.1 allows a local user able to create user/net namespaces to escalate privileges to root because an incorrect NFTSTATEFULEXPR check leads to a use-after-free...

CVE-2022-32250

net/netfilter/nftablesapi.c in the Linux kernel through 5.18.1 allows a local user able to create user/net namespaces to escalate privileges to root because an incorrect NFTSTATEFULEXPR check leads to a use-after-free...

UBUNTU-CVE-2022-32250

net/netfilter/nftablesapi.c in the Linux kernel through 5.18.1 allows a local user able to create user/net namespaces to escalate privileges to root because an incorrect NFTSTATEFULEXPR check leads to a use-after-free...

CVE-2022-32250

net/netfilter/nftablesapi.c in the Linux kernel through 5.18.1 allows a local user able to create user/net namespaces to escalate privileges to root because an incorrect NFTSTATEFULEXPR check leads to a use-after-free...

PT-2022-2764

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.18.1 Description The issue is related to an incorrect NFT STATEFUL EXPR check in the net/netfilter/nf tables api.c file, leading to a use-after-free condition. This allows a local user, who is able to create...

DEBIAN-CVE-2022-1678

An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients...

GHSA-HHPM-74PM-HF35 ingress-nginx component for Kubernetes allows file overwrite

The Kubernetes ingress-nginx component prior to version 0.28.0 allows a user with the ability to create namespaces and to read and create ingress objects to overwrite the password file of another ingress which uses nginx.ingress.kubernetes.io/auth-type: basic and which has a hyphenated namespace ...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2022-023 (ALASKERNEL-5.4-2022-023)

The version of kernel installed on the remote host is prior to 5.4.181-99.354. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-023 advisory. AMD recommends using a software mitigation for this issue, which the kernel is enabling by default. The Lin...

GHSA-6R7X-4Q7G-H83J Rancher Project Members Have Continued Access to Namespaces After Being Removed From Them

In Rancher 2.0.0 through 2.1.5, project members have continued access to create, update, read, and delete namespaces in a project after they have been removed from it...

kernel: cgroup: Use open-time creds and namespace for migration perm checks

An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1...

kernel: cgroup: Use open-time creds and namespace for migration perm checks

An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1...

GO-2021-0412 Incorrect authorization in github.com/containerd/imgcrypt

The imgcrypt library provides API extensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function CheckAuthorization is supposed to check whether the current used is...

EulerOS 2.0 SP5 : kernel (EulerOS-SA-2022-1537)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-1489)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5368-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5368-1 advisory. It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use thi...

CVE-2022-28356

In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/afllc.c...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5358-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5358-2 advisory. It was discovered that the network traffic control implementation in the Linux kernel contained a use- after-free vulnerability. A local...

CVE-2022-1055

A use-after-free vulnerability was found in the tcnewtfilter function in net/sched/clsapi.c in the Linux kernel. The availability of local, unprivileged user namespaces allows privilege escalation. Mitigation On non-containerized deployments of Red Hat Enterprise Linux 8, you can disable user...

The vulnerability in the implementation of the tc_new_tfilter() function in Linux operating systems allows a hacker to increase their privileges.

The vulnerability of the tcnewtfilter function in Linux operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to enhance their privileges through user namespace...