nono: Sandbox escape on Linux via D-Bus: `systemd-run --user`

Summary The nono Landlock/seccomp policies allow access to local Unix domain sockets concrete and abstract. This allows an easy sandbox escape by talking to the per-user systemd dbus socket. Threat scenario: Running Aider, Claude Code, OpenCode or similar tools with "allow bash" policy so that it...

openSUSE Security Update : python-azure-agent (openSUSE-2020-261)

This update for python-azure-agent fixes the following issues : python-azure-agent was updated to version 2.2.45 jscECO-80 + Add support for Gen2 VM resource disks + Use alternate systemd detection + Fix /proc/net/route requirement that causes errors on FreeBSD + Add cloud-init auto-detect to...

openSUSE: Security Advisory for python-azure-agent (openSUSE-SU-2020:0261-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

vdsm: privilege escalation to root via systemd_run

A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemdrun function exposed to the vdsm system user could be abused to execute arbitrary commands as root...

Moderate: Red Hat Security Advisory: vdsm security and bug fix update

An update for vdsm is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

vdsm: privilege escalation to root via systemd_run

A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemdrun function exposed to the vdsm system user could be abused to execute arbitrary commands as root...

vdsm: privilege escalation to root via systemd_run

A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemdrun function exposed to the vdsm system user could be abused to execute arbitrary commands as root...