EUVD-2019-6715

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-15793

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group id...

The vulnerability of the copy_from_user() function in the file system of the shiftfs filesystem in Linux’s operating system, which is related to the repeated release of memory, allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the copyfromuser function in the file system of the shiftfs filesystem in Linux’s operating system is related to the repeated release of memory. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service...

CVE-2021-3492

Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copyfromuser correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service kerne...

CVE-2021-3492

Shiftfs is affected in the Ubuntu Linux kernel; a fault in copy_from_user() handling can cause a double-free or leaked memory, enabling local denial of service (kernel memory exhaustion) or privilege escalation. The vulnerability is documented as CVE-2021-3492, with Ubuntu/security advisories (e....

CVE-2019-15792

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfsbtrfsioctlfdreplace calls fdgetoldfd, then without further checks passes the resulting file into shiftfsrealfdget, which casts file-privatedata, a void that points to a filesystem-depende...

The vulnerability of the shiftfs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the shiftfs component in the Linux operating system’s kernel is related to a data type conversion error. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the shiftfs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the shiftfs component in the Linux operating system’s kernel is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a perpetrator to cause service failures...

The vulnerability of the shiftfs component in the Linux operating system’s kernel allows a hacker to increase their privileges.

The vulnerability of the shiftfs component in the Linux operating system’s kernel is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...