Security Bulletin: Multiple Vulnerabilities in Hyper-Converged Database

Summary Multiple vulnerabilities were addressed in Hyper-Converged Database version 1.2.5 Vulnerability Details CVEID:CVE-2024-56433 DESCRIPTION: shadow-utils aka shadow 4.4 through 4.17.0 establishes a default /etc/subuid behavior e.g., uid 100000 through 165535 for the first user account that c...

SUSE CVE-2024-56433

shadow-utils aka shadow 4.4 through 4.17.0 establishes a default /etc/subuid behavior e.g., uid 100000 through 165535 for the first user account that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues

Summary IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability Details CVEID:CVE-2024-56433...

Siemens SIMATIC S7-1500 Initialization of a Resource with an Insecure Default (CVE-2024-56433)

shadow-utils aka shadow 4.4 through 4.17.0 establishes a default /etc/subuid behavior e.g., uid 100000 through 165535 for the first user account that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by...

shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to accou...

shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to accou...

shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.

...

DEBIAN-CVE-2024-56433

shadow-utils aka shadow 4.4 through 4.17.0 establishes a default /etc/subuid behavior e.g., uid 100000 through 165535 for the first user account that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by...

AZL-54674 CVE-2024-56433 affecting package shadow-utils for versions less than shadow-utils_4.18.0

shadow-utils aka shadow 4.4 through 4.17.0 establishes a default /etc/subuid behavior e.g., uid 100000 through 165535 for the first user account that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by...

UBUNTU-CVE-2024-56433

shadow-utils aka shadow 4.4 through 4.17.0 establishes a default /etc/subuid behavior e.g., uid 100000 through 165535 for the first user account that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by...

CVE-2024-56433

CVE-2024-56433 affects shadow-utils (shadow) 4.4–4.17.0, which uses a default /etc/subuid range (e.g., UID 100000–165535) that can clash with locally defined UIDs. The documented impact is potential account takeover via newuidmap access to local or same-host resources (e.g., NFS home directories)...

shadow-utils 安全漏洞

shadow-utils is an open source package from shadow-maint. A security vulnerability exists in shadow-utils versions 4.4 through 4.17.0, which stems from the fact that the default /etc/subuid configuration may conflict with the UIDs of local network users, leading to a risk of account takeover...

PT-2024-36816

Name of the Vulnerable Software and Affected Versions shadow-utils versions 4.4 through 4.17.0 Description The issue arises from the default /etc/subuid behavior established by shadow-utils, which can conflict with the uids of users defined on locally administered networks. This conflict can...

Exploit for Use After Free in Linux Linux_Kernel

This is a collection of exploit code for various Linux kernel vulnerabilities, specifically CVE-2016-8655, CVE-2017-1000112, CVE-2017-7308, and CVE-2018-18955. The exploits are written in C and use various techniques such as AFPACKET race condition, UDP fragmentation offset, and Linux kernel...

Linux - Broken uid/gid Mapping for Nested User Namespaces

commit 6397fac4915a "userns: bump idmap limits to 340" increases the number of possible uid/gid mappings that a namespace can have from 5 to 340. This is implemented by switching to a different data structure if the number of mappings exceeds 5: Instead of linear search over an unsorted array of...