71 matches found
Linux 5.3 Insecure Root Path Handling Exploit
Linux versions 5.3 and above appear to have an issue where iouring suffers from insecure handling of the root directory for path lookups. Linux =5.3: iouring: insecure handling of root directory for path lookups When I saw today, I realized that this is not just a small correctness issue, but als...
CVE-2019-18684
Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and openat system calls. The attacker can write "ALL ALL=ALL NOPASSWD:ALL" to...
DEBIAN-CVE-2016-8649
lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat family of syscalls...
CVE-2016-8649
CVE-2016-8649 affects the LXC project: vulnerable in lxc-attach within LXC before 1.0.9 and 2.x before 2.0.6, allowing an unprivileged container to escape to the host filesystem via an inherited host /proc fd. Underlying issue is a guest escape Vulnerability via ptrace of lxc-attach. Affected ver...
CVE-2016-8649
lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat family of syscalls...
CVE-2016-8649
lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat family of syscalls...
CVE-2016-8649
lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat family of syscalls...
UBUNTU-CVE-2016-8649
lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat family of syscalls...
Fedora 23 : glibc-2.22-6.fc23 (2015-7174c4d68d)
This update re-adds large file support to the openat function, removes support for the LDPOINTERGUARD environment variable which could be used to weaken security protections in ATSECURE/SUID binaries, and adds function pointer obfuscation to the TLS destructor list. Note that Tenable Network...
DEBIAN-CVE-2015-5706
Use-after-free vulnerability in the pathopenat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via OTMPFILE filesystem operations that leverage a duplicate cleanup operation...
UBUNTU-CVE-2015-5706
Use-after-free vulnerability in the pathopenat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via OTMPFILE filesystem operations that leverage a duplicate cleanup operation...