GO-2022-1008 Unauthorized file access in github.com/containers/buildah

SGID programs executed in a container can access files that have negative group permissions for the user's primary group. Consider a file which is owned by user u1 and group g1, permits user and other read access, and does NOT permit group read access. This file is readable by u1 and all other...

Linux: SGID files

When the SGID set group ID bit is set on an executable, it executes with the GID of the owner. This may be intended for some executables. Add files with SGID bit which should be allowed to have this bit set in the preference. This script checks if any other local files than the given have the SGI...

GLSA-200707-04 : GNU C Library: Integer overflow

The remote host is affected by the vulnerability described in GLSA-200707-04 GNU C Library: Integer overflow Tavis Ormandy of the Gentoo Linux Security Team discovered a flaw in the handling of the hardware capabilities mask by the dynamic loader. If a mask is specified with a high population...