CVE-2021-3999

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this flaw to potentially execute...

CVE-2021-41091

Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where the data directory typically /var/lib/docker contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traver...

DEBIAN-CVE-2021-41103

containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory...

Security Bulletin: IBM Spectrum Scale and IBM GPFS are affected by security vulnerabilities (CVE-2016-2985 and CVE-2016-2984)

Summary Security vulnerabilities have been identified in all levels of IBM Spectrum Scale and IBM GPFS that could allow: - a local attacker to execute commands as root by setting environment variables processed by setuid programs CVE-2016-2985 - a local attacker to execute commands as root by...

Medium: libX11

Issue Overview: A flaw was found in libX11. An integer overflow leading to a heap-buffer overflow occurs when setuid programs call XIM client functions while running with elevated privileges. The highest threat from this vulnerability are to data confidentiality and integrity as well as system...

NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel-rt Multiple Vulnerabilities (NS-SA-2020-0117)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel-rt packages installed that are affected by multiple vulnerabilities: - The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2020-0043)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel-rt packages installed that are affected by multiple vulnerabilities: - In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum...

DEBIAN-CVE-2020-14344

An integer overflow leading to a heap-buffer overflow was found in The X Input Method XIM client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No such programs are...

CVE-2020-14344

An integer overflow leading to a heap-buffer overflow was found in The X Input Method XIM client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No such programs are...

Integer overflow

An integer overflow leading to a heap-buffer overflow was found in The X Input Method XIM client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No such programs are...

CVE-2020-14344

An integer overflow leading to a heap-buffer overflow was found in The X Input Method XIM client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No such programs are...

kernel: perf_event_open() and execve() race in setuid programs allows a data leak

A race condition in perfeventopen allows local attackers to leak sensitive data from setuid programs. As no relevant locks in particular the credguardmutex are held during the ptracemayaccess call, it is possible for the specified target task to perform an execve syscall with setuid execution...

kernel: perf_event_open() and execve() race in setuid programs allows a data leak

A race condition in perfeventopen allows local attackers to leak sensitive data from setuid programs. As no relevant locks in particular the credguardmutex are held during the ptracemayaccess call, it is possible for the specified target task to perform an execve syscall with setuid execution...

CVE-2019-11191

The Linux kernel allows local users to bypass ASLR protections for setuid a.out programs when CONFIGIA32AOUT is enabled and ia32aout module is loaded, because installexeccreds is called too late in the loadaoutbinary in fs/binfmtaout.c. Due to this, the ptracemayaccess check may have a race...

kernel: perf_event_open() and execve() race in setuid programs allows a data leak

A race condition in perfeventopen allows local attackers to leak sensitive data from setuid programs. As no relevant locks in particular the credguardmutex are held during the ptracemayaccess call, it is possible for the specified target task to perform an execve syscall with setuid execution...

CVE-2019-19882

shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing...

CVE-2019-19882

shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing...

CVE-2019-19726

OpenBSD through 6.6 allows local users to escalate to root because a check for LDLIBRARYPATH in setuid programs can be defeated by setting a very small RLIMITDATA resource limit. When executing chpass or passwd which are setuid root, dlsetupenv in ld.so tries to strip LDLIBRARYPATH from the...

PT-2019-15929 · Openbsd · Openbsd

Name of the Vulnerable Software and Affected Versions: OpenBSD versions through 6.6 Description: The issue allows local users to escalate to root because a check for LD LIBRARY PATH in setuid programs can be defeated by setting a very small RLIMIT DATA resource limit. When executing chpass or...

GNU C Library ASLR Bypass Vulnerability

The GNU C Library glibc is an open-source, free, easy-to-download C compiler released under the LGPL license. An ASLR bypass vulnerability exists in GNU C Library glibc versions prior to 2.31 on the x86-64 architecture. The vulnerability stems from GNU C Library failing to ignore the...