Code injection

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak apps with direct access to AFUNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other host-OS services int...

CVE-2021-41133

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak apps with direct access to AFUNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other host-OS services int...

CVE-2021-41133 Sandbox bypass via recent VFS-manipulating syscalls

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak apps with direct access to AFUNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other host-OS services int...

CVE-2021-41133 Sandbox bypass via recent VFS-manipulating syscalls

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak apps with direct access to AFUNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other host-OS services int...

container-tools:rhel8 security, bug fix, and enhancement update

An update is available for fuse-overlayfs, container-selinux, udica, runc, toolbox, podman, conmon, skopeo, crun, libslirp, oci-seccomp-bpf-hook, slirp4netns, containernetworking-plugins, buildah, criu, cockpit-podman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS...

Exploit for Out-of-bounds Write in Linux Linux_Kernel

Reproducer for CVE-2021-22555 as a container First, this roll...

CVE-2021-22555

A flaw was discovered in processing setsockopt IPTSOSETREPLACE or IP6TSOSETREPLACE for 32 bit processes on 64 bit systems. This flaw will allow local user to gain privileges or cause a DoS through user name space. This action is usually restricted to root-privileged users but can also be leverage...

Advisory ROSA-SA-2021-1889

Software: libseccomp 2.3.1 OS: Cobalt 7.9 CVE-ID: CVE-2019-9893 CVE-Crit: CRITICAL CVE-DESC: libseccomp before 2.4.0 incorrectly generated argument comparisons of 64-bit system calls using arithmetic operators LT, GT, LE, GE, which could lead to seccomp filter bypass and potential privilege...

The vulnerability of the qemu-seccomp.c component of the QEMU hardware emulator, related to the use of an incomplete black list, allows a hacker to trigger a service failure.

The vulnerability of the qemu-seccomp.c component of the QEMU hardware emulator lies in the use of the seccomp policy only for the main thread. Exploiting this vulnerability allows an attacker to cause a system failure...

container-tools:3.0 security update

buildah 1.19.7-1.0.1 - Handling redirect from the docker registry Orabug: 29874238 Nikita Gerasimov 1.19.7-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 https://github.com/containers/buildah/commit/a2854ed - Resolves: 1935376 cockpit-podman 29-2 - fix...

container-tools:rhel8 security update

An update is available for fuse-overlayfs, container-selinux, udica, runc, toolbox, podman, conmon, skopeo, crun, libslirp, oci-seccomp-bpf-hook, slirp4netns, containernetworking-plugins, buildah, criu, cockpit-podman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS...

SUSE: Security Advisory (SUSE-SU-2018:4297-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Firejail: Privilege escalation

Background A SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. Description It was discovered that a flaw in Firejail’s OverlayFS code allowed restricted programs to escape sandbox. Impac...

container-tools:ol8 security, bug fix, and enhancement update

cockpit-podman 29-2 - fix gating test failure for cockpit-podman - Related: 1914884 29-1 - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/29 - Related: 1883490 conmon 2:2.0.26-1 - update to https://github.com/containers/conmon/releases/tag/v2.0.26 - Related: 1883490...

Improper Input Validation in libseccomp-golang

libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than ANDing them. A process running under a restrictive seccomp filter that specified multiple syscall arguments could bypass intended access restrictions by specifying a single matching argument...

new module: container-tools:3.0

An update is available for fuse-overlayfs, container-selinux, udica, toolbox, podman, conmon, skopeo, crun, libslirp, oci-seccomp-bpf-hook, slirp4netns, containernetworking-plugins, buildah, criu, cockpit-podman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base...

PT-2021-4226 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux Kernel version 5.11.15 Description: This issue allows local attackers to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit th...

openSUSE: Security Advisory for firejail (openSUSE-SU-2021:0271-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SYS.2.3.A17

Die Nutzung von Systemaufrufen SOLLTE insbesondere fuer exponierte Dienste und Anwendungen auf die unbedingt notwendige Anzahl beschraenkt werden z. B. durch seccomp. Die vorhandenen Standardprofile bzw. -regeln von SELinux, AppArmor sowie alternativen Erweiterungen SOLLTEN manuell ueberprueft un...

container-tools:2.0 security update

buildah 1.11.6-8.0.1 - Reduce unnecessary writable mounts in NaiveDiffDriver Orabug: 31025483 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-8 - exclude i686 arch - Related: 1821193 1.11.6-7 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file...