9 matches found
USN-8255-3: Linux kernel vulnerabilities
Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000688)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000688 advisory. The overlayfs implementation in the Linux kernel through 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mountin...
TencentOS Server 2: kernel (TSSA-2024:0557)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0557 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
EUVD-2016-2671
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2023-0386
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel's OverlayFS...
USN-6285-1 linux-oem-6.1 vulnerabilities
It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2022-48502...
USN-6261-1 linux-iot vulnerabilities
It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-3090 Sh...
USN-6248-1 linux-oem-6.0 vulnerabilities
It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service system crash. CVE-2022-47929 It was discovered that a race condition existed in Adreno GPU...
CVE-2015-1328 - overlayfs privilege escalation | Cloud Foundry
CVE-2015-1328 – overlayfs privilege escalation High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 LTS with 3.16 kernel Description Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to...