16 matches found
CVE-2015-1350
The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service capability stripping via a failed invocation of a system call, as...
Code injection
The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service capability stripping via a failed invocation of a system call, as...
CVE-2015-1350
The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service capability stripping via a failed invocation of a system call, as...
CVE-2015-1350
CVE-2015-1350 is confirmed in the Connected documents as a vulnerability in the Linux kernel VFS subsystem (3.x) where setattr operations underspecify removal of extended privilege attributes. This can allow local users to cause a denial of service by stripping capabilities from specific processe...
CVE-2015-1350
The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service capability stripping via a failed invocation of a system call, as...
Ubuntu: Security Advisory (USN-2857-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2858-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 15.10 : linux vulnerability (USN-2858-1)
Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges. Note that Tenable Network Security has...
Ubuntu 15.10 : linux-raspi2 vulnerability (USN-2858-3)
Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges. Note that Tenable Network Security has...
Ubuntu 14.04 LTS : Linux kernel (Wily HWE) vulnerability (USN-2858-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2858-2 advisory. Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files...
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerability (USN-2857-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2857-2 advisory. Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files...
Ubuntu 15.04 : linux vulnerability (USN-2857-1)
Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges. Note that Tenable Network Security has...
USN-2858-3: Linux kernel (Raspberry Pi 2) vulnerability
Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges...
USN-2858-2: Linux kernel (Wily HWE) vulnerability
Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges...
USN-2857-2: Linux kernel (Vivid HWE) vulnerability
Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges...
CVE-2015-8660
The ovlsetattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application...