618 matches found
CVE-2018-16359
Google gVisor before 2018-08-23, within the seccomp sandbox, permits access to the renameat system call, which allows attackers to rename files on the host OS...
Design/Logic Flaw
Google gVisor before 2018-08-23, within the seccomp sandbox, permits access to the renameat system call, which allows attackers to rename files on the host OS...
CVE-2018-16359
Google gVisor before 2018-08-23, within the seccomp sandbox, permits access to the renameat system call, which allows attackers to rename files on the host OS...
CVE-2018-16359
Google gVisor prior to 2018-08-23 allows access to the renameat system call inside the seccomp sandbox, enabling attackers to rename files on the host OS. The issue is described consistently across multiple sources (NVD and CNVD variants). Affected component/function: gVisor’s seccomp sandbox. Ro...
CVE-2018-16359
Google gVisor before 2018-08-23, within the seccomp sandbox, permits access to the renameat system call, which allows attackers to rename files on the host OS...
gVisor Sentry Invalid Access Vulnerability
gVisor Sentry permits access to the renameat syscall. As the sentry is not chrooted, it permits renaming files in the host system. gVisor sentry can call renameat The seccomp sandbox of the gVisor sentry permits access to the renameat syscall:...
QEMU Denial of Service Vulnerability (CNVD-2018-17099)
QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A security vulnerability exists in the qemu-seccomp.c file in QEMU, which stems from the program incorrectly handling the seccomp policy for...
CVE-2018-15746
qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service guest crash by leveraging mishandling of the seccomp policy for threads other than the main thread...
Design/Logic Flaw
qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service guest crash by leveraging mishandling of the seccomp policy for threads other than the main thread...
DEBIAN-CVE-2018-15746
qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service guest crash by leveraging mishandling of the seccomp policy for threads other than the main thread...
CVE-2018-15746
qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service guest crash by leveraging mishandling of the seccomp policy for threads other than the main thread...
UBUNTU-CVE-2018-15746
qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service guest crash by leveraging mishandling of the seccomp policy for threads other than the main thread...
CVE-2018-15746
qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service guest crash by leveraging mishandling of the seccomp policy for threads other than the main thread...
CVE-2018-15746
qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service guest crash by leveraging mishandling of the seccomp policy for threads other than the main thread...
CVE-2018-15746
Technical details beyond the initial description are not provided in the connected documents. Public sources here only restate the vulnerability concept without specifics; monitor for updates and new disclosures.
[SECURITY] [DLA 1423-1] linux-4.9 new package
Package : linux-4.9 Version : 4.9.110-1deb8u1 CVE ID : CVE-2017-5753 CVE-2017-18255 CVE-2018-1118 CVE-2018-1120 CVE-2018-1130 CVE-2018-3639 CVE-2018-5814 CVE-2018-10021 CVE-2018-10087 CVE-2018-10124 CVE-2018-10853 CVE-2018-10876 CVE-2018-10877 CVE-2018-10878 CVE-2018-10879 CVE-2018-10880...
CVE-2017-5426
On Linux, if the secure computing mode BPF seccomp-bpf filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to the sandbox. Note:...
Code injection
On Linux, if the secure computing mode BPF seccomp-bpf filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to the sandbox. Note:...
CVE-2017-5426
CVE-2017-5426: On Linux, when seccomp-bpf is active as Gecko Media Plugin sandbox starts, the sandbox may fail to initialize, leaving code that would run in the sandbox only protected by a weaker filter. Affected products are Firefox < 52 and Thunderbird < 52 (Linux only). This can enable s...
CVE-2017-5426
On Linux, if the secure computing mode BPF seccomp-bpf filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to the sandbox. Note:...