4 matches found
CLSA-2025-1741125454 bubblewrap: Fix of CVE-2024-42472
fix CVE-2024-42472 in flatpak by adding --bind-fd and --ro-bind-fd options in in bubblewrap, enabling race-free bind mounts using an OPATH file descriptor instead of a direct path...
USN-2318-1: Linux kernel vulnerabilities
Eric W. Biederman discovered a flaw with the mediation of mount flags in the Linux kernel's user namespace subsystem. An unprivileged user could exploit this flaw to by-pass mount restrictions, and potentially gain administrative privileges. CVE-2014-5207 Kenton Varda discovered a flaw with...
USN-2317-1: Linux kernel (Trusty HWE) vulnerabilities
Eric W. Biederman discovered a flaw with the mediation of mount flags in the Linux kernel's user namespace subsystem. An unprivileged user could exploit this flaw to by-pass mount restrictions, and potentially gain administrative privileges. CVE-2014-5207 Kenton Varda discovered a flaw with...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2318-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2318-1 advisory. Eric W. Biederman discovered a flaw with the mediation of mount flags in the Linux kernel's user namespace subsystem. An unprivileged user could exploit...