EUVD-2012-3475

Malware in sbrugna...

Race condition

An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCMCREDENTIALS were missing, allowing the snap to connect to PulseAudio without proper confinement. This could be exploited ...

CVE-2020-16123 Bypass of snapd pulseaudio restrictions

An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCMCREDENTIALS were missing, allowing the snap to connect to PulseAudio without proper confinement. This could be exploited ...

CVE-2020-16123

An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCMCREDENTIALS were missing, allowing the snap to connect to PulseAudio without proper confinement. This could be exploited ...

Linux 5.3 - Privilege Escalation via io_uring Offload of sendmsg() onto Kernel Thread with Kernel Creds

Linux 5.3 - Privilege Escalation via iouring Offload of sendmsg onto Kernel Thread with Kernel Creds Since commit 0fa03c624d8f "iouring: add support for sendmsg", first in v5.3, iouring has support for asynchronously calling sendmsg. Unprivileged userspace tasks can submit IORINGOPSENDMSG...

Netlink Messages Spoofing

kernel-rt is vulnerable to message spoofing. A flaw was found in the way Netlink messages without SCMCREDENTIALS used for authentication data set were handled. When not explicitly set, the data was sent but with all values set to 0, including the process ID and user ID, causing the Netlink messag...