Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002487)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002487 advisory. The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002918)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002918 advisory. The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by...

SUSE CVE-2016-2854

The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory...

Linux Ubuntu - Other Users coredumps can be read via setgid Directory and killpriv Bypass Exploit

Exploit for linux platform in category dos / poc / Note: I am both sending this bug report to email protected and filing it in the Ubuntu bugtracker because I can't tell whether this counts as a kernel bug or as a Ubuntu bug. You may wish to talk to each other to determine the best place to fix...

Linux (Ubuntu) - Other Users coredumps Can Be Read via setgid Directory and killpriv Bypass

/ Note: I am both sending this bug report to [email protected] and filing it in the Ubuntu bugtracker because I can't tell whether this counts as a kernel bug or as a Ubuntu bug. You may wish to talk to each other to determine the best place to fix this. I noticed halfdog's old writeup at...

Linux #Ubuntu Coredump Reading Access Bypass Vulnerability

Linux/Ubuntu suffers from a vulnerability where other users' coredumps can be read via a setgid directory and killpriv bypass. Linux/Ubuntu: other users' coredumps can be read via setgid directory and killpriv bypass Note: I am both sending this bug report to email protected and filing it in the...

Linux/Ubuntu Coredump Reading Access Bypass

Linux/Ubuntu: other users' coredumps can be read via setgid directory and killpriv bypass Note: I am both sending this bug report to [email protected] and filing it in the Ubuntu bugtracker because I can't tell whether this counts as a kernel bug or as a Ubuntu bug. You may wish to talk to each...

DEBIAN-CVE-2018-13405

The inodeinitowner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigge...

Systemd 228 (SUSE 12 SP2 Ubuntu Touch 15.04) - Local Privilege Escalation

Systemd 228 SUSE 12 SP2 Ubuntu Touch 15.04 - Local Privilege Escalation / source: http://www.openwall.com/lists/oss-security/2017/01/24/4 This is a heads up for a trivial systemd local root exploit, that was silently fixed in the upstream git as: commit 06eeacb6fe029804f296b065b3ce91e796e1cd0e...

Systemd 228 (SUSE 12 SP2 / Ubuntu Touch 15.04) - Local Privilege Escalation

/ source: http://www.openwall.com/lists/oss-security/2017/01/24/4 This is a heads up for a trivial systemd local root exploit, that was silently fixed in the upstream git as: commit 06eeacb6fe029804f296b065b3ce91e796e1cd0e Author: .... Date: Fri Jan 29 23:36:08 2016 +0200 basic: fix touch creatin...

CVE-2016-1575

The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory...

Exim 4 (Debian 8 Ubuntu 16.04) - Spool Privilege Escalation

Exim 4 Debian 8 Ubuntu 16.04 - Spool Privilege Escalation / -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hello List, This is just a minor issue in Exim, no replies so far, so publication should be OK. Introduction: ============ Exim4 in some variants is started as root but switches to uid/gid...

CVE-2016-2854

The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory...

CVE-2016-2854

The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory...

CVE-2016-2854

The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory...

CVE-2016-2854

The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory...

UBUNTU-CVE-2016-1575

The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory...

Design/Logic Flaw

The genericfilesplicewrite function in fs/splice.c in the Linux kernel before 2.6.19 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified...

CVE-2008-3833

The genericfilesplicewrite function in fs/splice.c in the Linux kernel before 2.6.19 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified...

Design/Logic Flaw

fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable...