EUVD-2022-35028

Malicious code in bioql PyPI...

schroot: Denial of Service

Background schroot is a utility to execute commands in a chroot environment. Description schroot is unecessarily permissive in rules regarding chroot and session names. Impact A crafted chroot or session name can break the internal state of the schroot service, leading to denial of service...

GLSA-202210-11 : schroot: Denial of Service

The remote host is affected by the vulnerability described in GLSA-202210-11 schroot: Denial of Service - Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session. CVE-2022-2787 No...

Mageia: Security Advisory (MGASA-2022-0329)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated schroot packages fix security vulnerability

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session. CVE-2022-2787...

MGASA-2022-0329 Updated schroot packages fix security vulnerability

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session. CVE-2022-2787...

Ubuntu: Security Advisory (USN-5584-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5584-1 schroot vulnerability

It was discovered that Schroot incorrectly handled certain Schroot names. An attacker could possibly use this issue to break schroot's internal state causing a denial of service...

USN-5584-1: Schroot vulnerability

It was discovered that Schroot incorrectly handled certain Schroot names. An attacker could possibly use this issue to break schroot's internal state causing a denial of service...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : Schroot vulnerability (USN-5584-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5584-1 advisory. It was discovered that Schroot incorrectly handled certain Schroot names. An attacker could possibly use this issue to break...

CVE-2022-2787

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session...

CVE-2022-2787

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session...

DEBIAN-CVE-2022-2787

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session...

Session fixation

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session...

CVE-2022-2787 stricter rules on chroot names

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session...

CVE-2022-2787

CVE-2022-2787 affects schroot prior to 1.6.13, where overly permissive rules for chroot or session names can lead to a denial of service by manipulating internal state when a schroot session is started. The NVD entries list a CVSS v3.1 base score around 4.3 (Medium), with impact limited to availa...

CVE-2022-2787

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session...

Regular Expression Denial Of Service (ReDoS)

schroot is vulnerable to regualr expression denial of service. The vulnerability exists in isvalidsessionname in sbuild-util.cc because it doesn't limit the allowed characters on schroot names properly which allows an attacker to perform a ReDoS attack...

Debian: Security Advisory (DSA-5213-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-3075-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...