Lucene search
K

5 matches found

OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.3 views

Ensure That the Unnecessary SUID/SGID Bit on a File Is Deleted

SUID set user ID and SGID set group ID are special permission bits used to control program permissions in UNIX and UNIX-like OSs, including Linux. It is important to ensure that files do not contain unnecessary SUID or SGID bits to improve system security. These bits allow files to run with the...

6.9AI score
Exploits0References4
OSV
OSV
added 2023/07/24 4:15 p.m.5 views

AZL-35165 CVE-2023-1386 affecting package qemu 9.1.0-1

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. When a local user in the guest writes an executable file with SUID or SGID, none of these privileged bits are correctly dropped. As a result, in rare circumstances, this flaw could be used by malicious users in the gue...

7.8CVSS6.3AI score0.00223EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/08/13 5:44 p.m.8 views

kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members

A vulnerability was found in the fs/inode.c:inodeinitowner function logic of the LInux kernel that allows local users to create files with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group an...

7.8CVSS6.7AI score0.0101EPSS
Exploits2References4
Oracle linux
Oracle linux
added 2008/12/18 12:0 a.m.57 views

kernel security and bug fix update

2.4.21-58.0.0.0.1.EL - add directio support for qla drivers herb ora 6346849 - support PT Quad card ora 5751043 - io to nfs partition hangs ora 5088963 - add entropy for bnx2 nic ora 5931647 - avoid large allocation-fragmentation in MTU zab - fix clear highpage wli 2.4.21-58.EL - copyuser doesn't...

10CVSS2.9AI score0.07091EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.21 views

Mandrake Linux Security Advisory : cdrecord (MDKSA-2003:058-1)

A vulnerability in cdrecord was discovered that can be used to obtain root access because Mandrake Linux ships with the cdrecord binary suid root and sgid cdwriter. Updated packages are provided that fix this vulnerability. You may also elect to remove the suid and sgid bits from cdrecord manuall...

7.2CVSS5.4AI score0.01059EPSS
Exploits1References2
Rows per page
Query Builder