CVE-2016-7076

sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to...

openSUSE Security Update : the Linux Kernel (openSUSE-2018-515) (Spectre)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-3639: Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0223) (Spectre)

The remote OracleVM system is missing necessary patches to address critical security updates : - KVM: SVM: Move spec control call after restore of GS Thomas Gleixner CVE-2018-3639 - x86/bugs: Fix the parameters alignment and missing void Konrad Rzeszutek Wilk CVE-2018-3639 - x86/bugs: Make...

SUSE SLES11 Security Update : kernel (SUSE-SU-2018:1368-1) (Spectre)

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-3639: Information leaks using 'Memory Disambiguation' feature in modern CPUs were mitigated, aka 'Spectre Variant 4' bnc1087082. A new boot commandline...

Linux Kernel 4.1.3 (Ubuntu 17.10) waitid() SMEP/SMAP Privilege Escalation

// Proof of concept exploit for waitid bug introduced in Linux Kernel 4.13 // By Chris Salls twitter.com/chrissalls // This exploit can be used to break out out of sandboxes such as that in google chrome // In this proof of concept we install the seccomp filter from chrome as well as a chroot, //...

Linux Kernel 4.13 (Ubuntu 17.10) - waitid() SMEPSMAPChrome Sandbox Privilege Escalation

Linux Kernel 4.13 Ubuntu 17.10 - waitid SMEPSMAPChrome Sandbox Privilege Escalation // Proof of concept exploit for waitid bug introduced in Linux Kernel 4.13 // By Chris Salls twitter.com/chrissalls // This exploit can be used to break out out of sandboxes such as that in google chrome // In thi...

Linux Kernel 4.13 (Ubuntu 17.10) - 'waitid()' SMEP/SMAP/Chrome Sandbox Privilege Escalation

// Proof of concept exploit for waitid bug introduced in Linux Kernel 4.13 // By Chris Salls twitter.com/chrissalls // This exploit can be used to break out out of sandboxes such as that in google chrome // In this proof of concept we install the seccomp filter from chrome as well as a chroot, //...

Oracle Linux 7 : openssh (ELSA-2017-2029)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-2029 advisory. 7.4p1-11 + 0.10.3-1 - Compiler warnings 1341754 7.4p1-10 + 0.10.3-1 - Add missing messages in FIPS mode 1341754 7.4p1-9 + 0.10.3-1 - Allow harmless...

openssh security, bug fix, and enhancement update

7.4p1-11 + 0.10.3-1 - Compiler warnings 1341754 7.4p1-10 + 0.10.3-1 - Add missing messages in FIPS mode 1341754 7.4p1-9 + 0.10.3-1 - Allow harmless syscalls for s390 crypto modules 1451809 7.4p1-8 + 0.10.3-1 - Fix multilib issue in documentation 1450361 7.4p1-6 + 0.10.3-1 - ControlPath too long...

CVE-2016-10123

Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges...

CVE-2016-10123

Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges...

DEBIAN-CVE-2016-10123

Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges...

UBUNTU-CVE-2016-10123

Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges...

CVE-2016-10123

Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges...

Firejail Local Elevation of Privilege Vulnerability

Firejail is a SUID program designed to reduce the risk of security violations by restricting the runtime environment of untrusted applications through the use of Linux namespaces and seccomp-bpf. Firejail suffers from a local elevation of privilege vulnerability. An attacker could exploit this...

CVE-2017-5206

Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument...

Design/Logic Flaw

Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument...

CVE-2017-5206

Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument...

UBUNTU-CVE-2017-5206

Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument...

DEBIAN-CVE-2017-5206

Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument...