5 matches found
Rancher's restricted PodSecurityPolicy does not prevent containers from running as a privileged user
Impact The restricted pod security policy PSP, provided in Rancher versions from 2.0 up to and including 2.6.3, has a deviation from the upstream restricted policy provided in Kubernetes, in which Rancher's PSP has runAsUser set to runAsAny, while upstream has runAsUser set to MustRunAsNonRoot...
kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c
A use-after-free vulnerability was found in the Linux kernel’s implementation of blktrace in the blkaddtrace function. A local attacker with permissions to run block trace instructions against a device can create a situation where the core blocktrace object is used after it is freed. The attacker...
kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c
A use-after-free vulnerability was found in the Linux kernel’s implementation of blktrace in the blkaddtrace function. A local attacker with permissions to run block trace instructions against a device can create a situation where the core blocktrace object is used after it is freed. The attacker...
kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c
A use-after-free vulnerability was found in the Linux kernel’s implementation of blktrace in the blkaddtrace function. A local attacker with permissions to run block trace instructions against a device can create a situation where the core blocktrace object is used after it is freed. The attacker...
kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c
A use-after-free vulnerability was found in the Linux kernel’s implementation of blktrace in the blkaddtrace function. A local attacker with permissions to run block trace instructions against a device can create a situation where the core blocktrace object is used after it is freed. The attacker...