32 matches found
EUVD-2021-27089
Malware in sbrugna...
EUVD-2021-27009
Malware in sbrugna...
K000152448: Linux kernel vulnerability CVE-2023-0386
Security Advisory Description A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug...
Linux Kernel Improper Ownership Management Vulnerability
Linux Kernel contains an improper ownership management vulnerability, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bu...
AlmaLinux 8 : kernel-rt (ALSA-2023:1584)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:1584 advisory. - A flaw was found in the Linux kernel Traffic Control TC subsystem. Using a specific networking configuration redirecting egress packets to ingress using...
SUSE-SU-2023:2468-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040022 fixes several issues. The following security issues were fixed: - CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hciconncleanup in net/uetooth/hciconn.c bsc1211111. - CVE-2023-1989: Fixed a use after free in...
SUSE-SU-2023:2455-1 Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-1504002421 fixes several issues. The following security issues were fixed: - CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hciconncleanup in net/uetooth/hciconn.c bsc1211111. - CVE-2023-1989: Fixed a use after free in...
SUSE-SU-2023:2425-1 Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-1504002411 fixes several issues. The following security issues were fixed: - CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hciconncleanup in net/uetooth/hciconn.c bsc1211111. - CVE-2023-1989: Fixed a use after free in...
Ubuntu 20.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6134-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6134-1 advisory. It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some...
Rocky Linux 8 : kernel-rt (RLSA-2023:1584)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:1584 advisory. - A flaw was found in the Linux kernel Traffic Control TC subsystem. Using a specific networking configuration redirecting egress packets to ingress usi...
RHEL 9 : kernel-rt (RHSA-2023:1980)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1980 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Securi...
RHEL 9 : kpatch-patch (RHSA-2023:1984)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1984 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fixe...
RHEL 9 : kernel (RHSA-2023:1970)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1970 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: FUSE filesystem low-privileged user...
RHEL 9 : kpatch-patch (RHSA-2023:1681)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1681 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fixe...
Oracle Linux 9 : kernel (ELSA-2023-1703)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-1703 advisory. - ovl: fail on invalid uid/gid mapping at copy up Miklos Szeredi 2165344 2165345 CVE-2023-0386 Tenable has extracted the preceding description block directly fr...
RHEL 8 : kernel (RHSA-2023:1554)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1554 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: ALSA: pcm: Move rwsem lock inside...
RHEL 8 : kernel-rt (RHSA-2023:1584)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1584 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
CVE-2023-0386
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalat...
CVE-2023-0386
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalat...
CVE-2023-0386
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalat...