
3209 matches found

Tenable Nessus
added 2024/09/25 12:00 a.m. | 10 views

Debian dla-3895 : puredata - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3895 advisory. Debian LTS Advisory DLA-3895-1 https://www.debian.org/lts/security/...

CVSS 8.4 | AI score 5.5 | EPSS 0.0007
Exploits 0 | References 4

NVD
added 2024/09/23 4:15 p.m. | 18 views

CVE-2024-34331

A lack of code signature verification in Parallels Desktop for Mac v19.3.0 and below allows attackers to escalate privileges via a crafted macOS installer, because Parallels Service is setuid root...

CVSS 9.8 | EPSS 0.00525
Exploits 0 | References 2

Tenable Nessus
added 2024/09/21 12:00 a.m. | 19 views

FreeBSD : FreeBSD -- ktrace(2) fails to detach when executing a setuid binary (8fb61d94-771b-11ef-9a62-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8fb61d94-771b-11ef-9a62-002590c1f29c advisory. A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not...

CVSS 7.5 | AI score 5.7 | EPSS 0.00249
Exploits 0 | References 2

RedHat Linux
added 2024/09/05 11:45 a.m. | 17 views

Important: Red Hat Security Advisory: bubblewrap and flatpak security update

An update for bubblewrap and flatpak is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated...

CVSS 10 | AI score 7.3 | EPSS 0.06541
Exploits 1 | References 1

Tenable Nessus
added 2024/09/05 12:00 a.m. | 25 views

RHEL 9 : bubblewrap and flatpak (RHSA-2024:6356)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:6356 advisory. Bubblewrap /usr/bin/bwrap is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces...

CVSS 10 | AI score 8.2 | EPSS 0.06541
Exploits 1 | References 3

RedHat Linux
added 2024/09/04 7:12 p.m. | 23 views

Important: Red Hat Security Advisory: bubblewrap and flatpak security update

An update for bubblewrap and flatpak is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 10 | AI score 7.3 | EPSS 0.06541
Exploits 1 | References 1

RedHat Linux
added 2024/09/04 6:39 p.m. | 11 views

Important: Red Hat Security Advisory: bubblewrap and flatpak security update

An update for bubblewrap and flatpak is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i...

CVSS 10 | AI score 7.3 | EPSS 0.06541
Exploits 1 | References 1

RedHat Linux
added 2024/09/04 6:22 p.m. | 14 views

Important: Red Hat Security Advisory: bubblewrap and flatpak security update

An update for bubblewrap and flatpak is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...

CVSS 10 | AI score 7.3 | EPSS 0.06541
Exploits 1 | References 1

RedhatCVE
added 2024/08/21 7:11 p.m. | 26 views

CVE-2024-43882

A vulnerability was found in the Linux kernel. The fix addresses a race condition during file execution (exec), where a file’s permissions could change between an initial check and execution, potentially allowing unauthorized privilege escalation. Specifically, a non-privileged user could gain root...

CVSS 7 | AI score 7.1 | EPSS 0.0003
Exploits 1 | References 4

OSV
added 2024/08/21 1:15 a.m. | 1 view

DEBIAN-CVE-2024-43882

In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage. When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer is passed back. Much...

CVSS 7 | AI score 6.2 | EPSS 0.0003
Exploits 1 | References 1

NVD
added 2024/08/21 1:15 a.m. | 29 views

CVE-2024-43882

In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage. When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer is passed back. Much...

CVSS 8.4 | EPSS 0.0003
Exploits 1 | References 13

Vulnrichment
added 2024/08/21 12:10 a.m. | 29 views

CVE-2024-43882 exec: Fix ToCToU between perm check and set-uid/gid usage

In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage. When opening a file for exec via do_filp_open(), permission checking is done against the file's metadata at that moment, and on success, a file pointer is passed back. Much...

AI score 7.3 | EPSS 0.0003
Exploits 1 | References 8

CVE
added 2024/08/21 12:10 a.m. | 152 views

CVE-2024-43882

CVE-2024-43882 is a Linux kernel race condition (ToCToU) in the exec path: permission checks for a file are done at do_filp_open(), but the metadata (mode/UID/GID) used later in execve() can be changed before execution, enabling potential root privilege escalation. The issue is exploitable in scenari...

CVSS 8.4 | AI score 7 | EPSS 0.0003
Exploits 1 | References 13 | Affected Software 1

Tenable Nessus
added 2024/08/17 12:00 a.m. | 26 views

openSUSE 15 Security Update : apptainer (openSUSE-SU-2024:0244-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0244-1 advisory. - Make sure, digest values handled by the Go library github.com/opencontainers/go-digest and used throughout the Go-implemented containers...

CVSS 8.3 | AI score 7.5 | EPSS 0.00681
Exploits 0 | References 9

OSV
added 2024/08/16 4:02 a.m. | 27 views

OPENSUSE-SU-2024:0244-1 Security update for apptainer

This update for apptainer fixes the following issues: - Make sure, digest values handled by the Go library github.com/opencontainers/go-digest and used throughout the Go-implemented containers ecosystem are always validated. This prevents attackers from triggering unexpected authenticated registr...

CVSS 8.3 | AI score 7.4 | EPSS 0.00681
Exploits 0 | References 6

NVD
added 2024/08/12 1:38 p.m. | 11 views

CVE-2024-6760

A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of setuid programs. The bug may be used by an unprivileged user to read the contents of files to which...

CVSS 7.5 | EPSS 0.00249
Exploits 0 | References 2

CNNVD
added 2024/08/12 12:00 a.m. | 1 view

FreeBSD security vulnerability

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD that stems from a logic error in the code that disables kernel tracing, allowing an unprivileged user to trace and inspect the behavior of the setuid program...

CVSS 7.5 | AI score 6.8 | EPSS 0.00249
Exploits 0 | References 3

CVE
added 2024/08/11 2:40 a.m. | 46 views

CVE-2024-6760

CVE-2024-6760 describes a logic bug in FreeBSD's ktrace which disables kernel tracing for setuid programs. The flaw allows unprivileged users to trace and inspect the behavior of setuid binaries, potentially reading files they normally should not access (e.g., the local password database). Connec...

CVSS 7.5 | AI score 6.4 | EPSS 0.00249
Exploits 0 | References 2 | Affected Software 1

Vulnrichment
added 2024/08/11 2:40 a.m. | 12 views

CVE-2024-6760 ktrace(2) fails to detach when executing a setuid binary

A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of setuid programs. The bug may be used by an unprivileged user to read the contents of files to which...

AI score 6.8 | EPSS 0.00249
Exploits 0 | References 1

FreeBSD Advisory
added 2024/08/07 12:00 a.m. | 17 views

FreeBSD-SA-24:06.ktrace

FreeBSD-SA-24:06.ktrace Security Advisory, The FreeBSD Project. Topic: ktrace(2) fails to detach when executing a setuid binary. Category: core. Module: ktrace. Announced:...

CVSS 7.5 | AI score 5.9 | EPSS 0.00249
Exploits 0