Astra Linux - уязвимость в systemd

It was discovered that a Systemd service that uses the DynamicUser property can obtain new privileges by executing SUID binaries. This allows the service to create binaries belonging to the transient group, with the setgid bit set. A local attacker could exploit this flaw to access resources that...

UBUNTU-CVE-2026-35385

In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O legacy scp protocol and without -p preserve mode...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003254)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003254 advisory. The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003174)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003174 advisory. The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002531)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002531 advisory. The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003486)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003486 advisory. The simplesetacl function in fs/posixacl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allow...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001187)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001187 advisory. The simplesetacl function in fs/posixacl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allow...

EUVD-2016-7977

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-5551

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The simplesetacl function in fs/posixacl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which...

SUSE CVE-2016-7097

The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions...

SUSE CVE-2017-5551

The simplesetacl function in fs/posixacl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOT...

SUSE CVE-2019-3844

It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that wil...

Samba 1.9.18 Elevate Privileges Vulnerability (CVE-1999-1288)

Samba is prone to a elevate privileges vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE: Security Advisory (SUSE-SU-2017:0471-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-7097

It was found that when file permissions were modified via chmod and the user modifying them was not in the owning group or capable of CAPFSETID, the setgid bit would be cleared. Setting a POSIX ACL via setxattr sets the file permissions as well as the new ACL, but doesn't clear the setgid bit in ...

EulerOS Virtualization for ARM 64 3.0.3.0 : systemd (EulerOS-SA-2019-2319)

According to the versions of the systemd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be...

kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members

A vulnerability was found in the fs/inode.c:inodeinitowner function logic of the LInux kernel that allows local users to create files with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group an...

kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members

A vulnerability was found in the fs/inode.c:inodeinitowner function logic of the LInux kernel that allows local users to create files with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group an...

Privilege Escalation

Linux kernel is vulnerable to privilege escalation. This occurs in 'tmpfs' file system, the set group id setgid bit is not properly cleared during a setxattr call. A local user can exploit this to change permissions on a file and gain elevated privileges on the target system which allows an...

DEBIAN-CVE-2019-3844

It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that wil...