5 matches found
Astra Linux – Vulnerability in Containerd
Containerd is an open-source container runtime. A bug was discovered in Containerd prior to versions 1.6.18 and 1.5.18, where supplementary groups were not set up properly within a container. If an attacker has direct access to a container and manipulates the supplementary group permissions, they...
NewStart CGSL MAIN 6.06 : docker-ce Vulnerability (NS-SA-2025-0232)
The remote NewStart CGSL host, running version MAIN 6.06, has docker-ce packages installed that are affected by a vulnerability: - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up...
UBUNTU-CVE-2022-36109
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use...
Linux: Unique primary groups for user accounts
The password file stores information about users such like username, UID, GID, etc. Users with same group can access and unintentionally or maliciously modify another user Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyrig...
exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function
There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimageint.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack...