container-tools:3.0 security and bug fix update
An update is available for fuse-overlayfs, container-selinux, udica, runc, toolbox, podman, conmon, skopeo, crun, libslirp, oci-seccomp-bpf-hook, slirp4netns, containernetworking-plugins, buildah, criu, cockpit-podman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS)...
Spock SLAF - A Shared Library Application Firewall "SLAF"
Spock SLAF is a Shared Library Application Firewall "SLAF". Its purpose is to protect any service that uses the OpenSSL library. The SLAF inserts hooks to intercept all communication in order to detect security anomalies and to block and log attacks like buffer overflow, path traversal, XXE and SQL...
PT-2022-2565 · Linux +9 · Linux Kernel +9
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.17.2 Description: The issue is related to the mishandling of seccomp permissions in the Linux kernel. Specifically, the PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT...
Security update for chrony (moderate)
openSUSE Security Update: Security update for chrony Announcement ID: openSUSE-SU-2022:0845-1 Rating: moderate References: 1099272 1115529 1128846 1162964 1172113 1173277 1174075 1174911 1180689 1181826 1187906 1190926 1194229 SLE-17334 Cross-References: CVE-2020-14367 CVSS scores: CVE-2020-14367...
CVE-2022-25636
An out-of-bounds (OOB) memory access flaw was found in nft_fwd_dup_netdev_offload in net/netfilter/nf_dup_netdev.c in the netfilter subcomponent in the Linux kernel due to a heap out-of-bounds write problem. This flaw allows a local attacker with a user account on the system to gain access to out-of-boun...
container-tools:rhel8 security, bug fix, and enhancement update
An update is available for fuse-overlayfs, container-selinux, udica, containers-common, runc, toolbox, podman, conmon, skopeo, crun, libslirp, oci-seccomp-bpf-hook, python-podman, slirp4netns, containernetworking-plugins, buildah, criu, cockpit-podman. This update affects Rocky Linux 8. A Common...
container-tools:3.0 security, bug fix, and enhancement update
An update is available for fuse-overlayfs, container-selinux, udica, runc, toolbox, podman, conmon, skopeo, crun, libslirp, oci-seccomp-bpf-hook, slirp4netns, containernetworking-plugins, buildah, criu, cockpit-podman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS)...
Exploit for Integer Overflow or Wraparound in Linux Linux_Kernel
Container running cve-2022-0185 crash POC !seccomp or busth...
The vulnerability of the application management tools and Flatpak environments, related to insufficient validation of input data, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the application and Flatpak environment management tools is related to the absence of blocking in the seccomp filter for system calls related to mounting. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause...
SUSE: Security Advisory (SUSE-SU-2021:4147-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS / 20.04 LTS : Flatpak vulnerability (USN-5191-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5191-1 advisory. It was discovered that Flatpak incorrectly handled certain AF_UNIX sockets. An attacker could use this to specially craft a Flatpak application that...
SUSE-SU-2021:3769-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: - CVE-2021-30846: Fixed memory corruption issue that could lead to arbitrary code execution when processing maliciously crafted web content (bsc#1192063). - CVE-2021-30851: Fixed memory corruption vulnerability that could lead to arbitrary code...
SUSE-SU-2021:3768-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: - CVE-2021-42762: Updated seccomp rules with latest changes from flatpak (bsc#1191937)...
container-tools:3.0 security and bug fix update
An update is available for fuse-overlayfs, container-selinux, udica, runc, toolbox, podman, conmon, skopeo, crun, libslirp, oci-seccomp-bpf-hook, slirp4netns, containernetworking-plugins, buildah, criu, cockpit-podman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS)...
OPENSUSE-SU-2021:1454-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: - CVE-2021-42762: Updated seccomp rules with latest changes from flatpak (bsc#1191937). This update was imported from the SUSE:SLE-15-SP2:Update update project...
OPENSUSE-SU-2021:3603-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: - CVE-2021-42762: Updated seccomp rules with latest changes from flatpak (bsc#1191937)...
SUSE-SU-2021:3603-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: - CVE-2021-42762: Updated seccomp rules with latest changes from flatpak (bsc#1191937)...
Security update for containerd, docker, runc (important)
openSUSE Security Update: Security update for containerd, docker, runc Announcement ID: openSUSE-SU-2021:3506-1 Rating: important References: 1102408 1185405 1187704 1188282 1190826 1191015 1191121 1191334 1191355 1191434 Cross-References: CVE-2021-30465 CVE-2021-32760 CVE-2021-41089 CVE-2021-410...
Updated flatpak packages fix security vulnerability
Flatpak apps with direct access to AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other host-OS services into treating the Flatpak app as though it was an ordinary, non-sandboxed host-OS process, by manipulating the VFS using recent mount-related...
OESA-2021-1380 flatpak security update
flatpak is a system for building, distributing and running sandboxed desktop applications on Linux. See https://wiki.gnome.org/Projects/SandboxedApps for more information. Security Fixes: Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak...