CVE-2024-43882 exec: Fix ToCToU between perm check and set-uid/gid usage

In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via dofilpopen, permission checking is done against the file's metadata at that moment, and on success, a file pointer is passed back. Much...

Linux systemd Symlink Dereference Via chown_one() Exploit

Linux suffers from an issue with systemd where chownone can dereference symlinks. systemd: chownone can dereference symlinks CVE-2018-15687 I am sending this bug report to Ubuntu, even though it's an upstream bug, as requested at...