Lucene search
K

113 matches found

RedHat Linux
RedHat Linux
added 2024/12/11 4:18 p.m.2 views

kernel: selinux,smack: don't bypass permissions check in inode_setsecctx hook

In the Linux kernel, the following vulnerability has been resolved: selinux,smack: don't bypass permissions check in inodesetsecctx hook Marek Gresko reports that the root user on an NFS client is able to change the security labels on files on an NFS filesystem that is exported with root squashin...

4.4CVSS6.4AI score0.00219EPSS
Exploits0References5
OSV
OSV
added 2024/09/13 6:15 a.m.4 views

AZL-49338 CVE-2024-46695 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: selinux,smack: don't bypass permissions check in inodesetsecctx hook Marek Gresko reports that the root user on an NFS client is able to change the security labels on files on an NFS filesystem that is exported with root squashin...

4.4CVSS6.4AI score0.00219EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/09/13 12:0 a.m.7 views

The vulnerability of the `dht_setxattr_mds_cbk` function in the `xlators/cluster/dht/src/dht-common.c` file of the GlusterFS file system, related to the use of memory after it is freed, allows a attacker to cause a service failure.

The vulnerability of the dhtsetxattrmdscbk function in the xlators/cluster/dht/src/dht-common.c file of the GlusterFS file system is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to cause service failures...

7.8CVSS7.1AI score0.00871EPSS
Exploits1References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/05/15 12:0 a.m.6 views

The vulnerability of the __f2fs_setxattr() function in the fs/f2fs/xattr.c file of the Linux file system’s f2fs kernel module allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the f2fs file system in Linux operating systems is related to the use of an uninitialized buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS6.3AI score0.00302EPSS
Exploits0References34Affected Software5
OSV
OSV
added 2024/03/15 11:7 a.m.4 views

OESA-2024-1268 glusterfs security update

GlusterFS is a distributed file-system capable of scaling to several petabytes. It aggregates various storage bricks over TCP/IP interconnect into one large parallel network filesystem. GlusterFS is one of the most sophisticated file systems in terms of features and extensibility. It borrows a...

7.5CVSS7AI score0.00871EPSS
Exploits1References2
OSV
OSV
added 2024/03/15 11:7 a.m.3 views

OESA-2024-1269 glusterfs security update

GlusterFS is a distributed file-system capable of scaling to several petabytes. It aggregates various storage bricks over TCP/IP interconnect into one large parallel network filesystem. GlusterFS is one of the most sophisticated file systems in terms of features and extensibility. It borrows a...

7.5CVSS7AI score0.00871EPSS
Exploits1References2
OSV
OSV
added 2024/03/15 11:7 a.m.5 views

OESA-2024-1265 glusterfs security update

GlusterFS is a distributed file-system capable of scaling to several petabytes. It aggregates various storage bricks over TCP/IP interconnect into one large parallel network filesystem. GlusterFS is one of the most sophisticated file systems in terms of features and extensibility. It borrows a...

7.5CVSS7AI score0.00871EPSS
Exploits1References2
OSV
OSV
added 2024/03/15 11:7 a.m.5 views

OESA-2024-1267 glusterfs security update

GlusterFS is a distributed file-system capable of scaling to several petabytes. It aggregates various storage bricks over TCP/IP interconnect into one large parallel network filesystem. GlusterFS is one of the most sophisticated file systems in terms of features and extensibility. It borrows a...

7.5CVSS7AI score0.00871EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/07/26 11:17 p.m.4 views

SUSE CVE-2023-32629

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovlcopyupmetainodedata skip permission checks when calling ovldosetxattr on Ubuntu kernels...

7.8CVSS6.9AI score0.08894EPSS
Exploits12References4
Debian CVE
Debian CVE
added 2023/07/26 1:59 a.m.30 views

CVE-2023-32629

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovlcopyupmetainodedata skip permission checks when calling ovldosetxattr on Ubuntu kernels...

7.8CVSS8.1AI score0.08894EPSS
Exploits12
Vulnrichment
Vulnrichment
added 2023/07/26 1:59 a.m.23 views

CVE-2023-32629

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovlcopyupmetainodedata skip permission checks when calling ovldosetxattr on Ubuntu kernels...

7.8CVSS7.1AI score0.08894EPSS
Exploits12References5
CNNVD
CNNVD
added 2023/07/26 12:0 a.m.4 views

Canonical Ubuntu 安全漏洞

Canonical Ubuntu is a GNU/Linux operating system for desktop applications from Canonical, a British company. A security vulnerability exists in Canonical Ubuntu that stems from Overlayfs ovlcopyupmetainodedata skipping privilege checking when ovldosetxattr is called on the Ubuntu kernel...

7.8CVSS7.6AI score0.08894EPSS
Exploits12References9
Positive Technologies
Positive Technologies
added 2023/07/02 12:0 a.m.5 views

PT-2025-53202

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.2.0-rc1+ 4 Description The Linux kernel contains a flaw within the ntfs3 file system related to handling extended attributes. Specifically, the ntfs read ea function does not properly return an error code for...

7.7CVSS5.9AI score0.00175EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/06/06 12:0 a.m.5 views

PT-2023-4062

Name of the Vulnerable Software and Affected Versions Ubuntu kernels affected versions not specified Description The issue is related to a local privilege escalation vulnerability in Ubuntu kernels, specifically in the overlayfs ovl copy up meta inode data function, which skips permission checks...

9.1CVSS7.3AI score0.08894EPSS
Exploits13References187
OSV
OSV
added 2023/06/06 12:0 a.m.4 views

UBUNTU-CVE-2023-32629

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovlcopyupmetainodedata skip permission checks when calling ovldosetxattr on Ubuntu kernels...

7.8CVSS6.8AI score0.08894EPSS
Exploits12References16
SUSE CVE
SUSE CVE
added 2023/02/22 2:55 a.m.4 views

SUSE CVE-2022-48340

In Gluster GlusterFS 11.0, there is an xlators/cluster/dht/src/dht-common.c dhtsetxattrmdscbk use-after-free...

7.5CVSS7AI score0.00871EPSS
Exploits1References3
OSV
OSV
added 2023/02/21 2:15 a.m.3 views

UBUNTU-CVE-2022-48340

In Gluster GlusterFS 11.0, there is an xlators/cluster/dht/src/dht-common.c dhtsetxattrmdscbk use-after-free...

7.5CVSS5.8AI score0.00871EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:58 a.m.4 views

SUSE CVE-2016-7097

The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions...

4.4CVSS6.3AI score0.00377EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2023/02/15 4:49 a.m.3 views

SUSE CVE-2017-5551

The simplesetacl function in fs/posixacl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOT...

4.4CVSS6.5AI score0.00404EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2023/02/15 4:26 a.m.1 views

SUSE CVE-2018-12233

In the eaget function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to creat...

4.4CVSS6.6AI score0.02342EPSS
Exploits0References13
Rows per page
Query Builder