383 matches found
DEBIAN-CVE-2021-21284
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host filesystem they can...
UBUNTU-CVE-2021-21284
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host filesystem they can...
CVE-2020-16120
A flaw was found in the User namespace on an overlay filesystem in the Linux Kernel, Where a file with no access privilege was able to copy the file to a user defined mount point. An attacker with a special user privilege locally may lead to a kernel information leak problem. Mitigation Red Hat...
CVE-2020-16120
Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a...
OPENSUSE-SU-2020:1552-1 Security update for conmon, fuse-overlayfs, libcontainers-common, podman
This update for conmon, fuse-overlayfs, libcontainers-common, podman fixes the following issues: podman was updated to v2.0.6 bsc1175821 - install missing systemd units for the new Rest API bsc1175957 and a few man-pages that where missing before - Drop varlink API related bits in favor of the ne...
CVE-2020-14348
It was found in AMQ Online before 1.5.2 that injecting an invalid field to a user's AddressSpace configuration of the user namespace puts AMQ Online in an inconsistent state, where the AMQ Online components do not operate properly, such as the failure of provisioning and the failure of creating...
UBUNTU-CVE-2020-25039
Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution...
CVE-2020-25039
Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution...
CVE-2020-14348
AMQ Online prior to 1.5.2 is affected by CVE-2020-14348, where injecting an invalid top-level field into a user’s AddressSpace configuration in the user namespace can lead to an inconsistent state, causing provisioning and address-creation failures and degraded operation of AMQ Online components....
CVE-2020-25039
Removed by vendor...
CVE-2020-25039
Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution...
AMQ: Denial of Service via unrecognized field injection
A flaw was found in AMQ Online before 1.5.2, where injecting an invalid field to a user's address space configuration of the user namespace puts AMQ Online in an inconsistent state. In this inconsistent state, the AMQ Online components do not operate properly. For example, the failure of...
CVE-2018-18955
A flaw was found in the Linux kernel where mapwrite in kernel/usernamespace.c allows privilege escalation as it mishandles nested user namespaces with more than 5 UID or GID ranges. An unprivileged user with CAPSYSADMIN in an affected user namespace can bypass access controls on resources outside...
Exploit for Use After Free in Linux Linux_Kernel
This repository contains various kernel exploits for Linux systems. The exploits target different vulnerabilities, including CVE-2016-8655, CVE-2017-1000112, CVE-2017-7308, and CVE-2018-18955, among others. The exploits are implemented in C and use various techniques, such as KASLR and SMEP/SMAP...
openSUSE: Security Advisory for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork (openSUSE-SU-2020:0045-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2020:0045-1 Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues: Security issue fixed: - CVE-2019-16884: Fixed incomplete patch for LSM bypass via malicious Docker image that mount over a /proc directory bsc1152308. Bug fixes: - Update to Docker...
SUSE-SU-2020:0035-1 Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues: Security issue fixed: - CVE-2019-16884: Fixed incomplete patch for LSM bypass via malicious Docker image that mount over a /proc directory bsc1152308. Bug fixes: - Update to Docker...
Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfs/shiftfs Error Path
Tested on 19.10. Ubuntu's aufs kernel patch includes the following change which I interestingly can't see in the AUFS code at https://github.com/sfjro/aufs5-linux/blob/master/mm/mmap.c: ================================================================== +define vmafputvma vmadofputvma, func, LINE...
Ubuntu shiftfs refcount Underflow / Type Confusion
Ubuntu: refcount underflow and type confusion in shiftfs Tested on Ubuntu 19.10, kernel "5.3.0-19-generic 20-Ubuntu". Ubuntu ships a filesystem "shiftfs" in fs/shiftfs.c in the kernel tree that doesn't exist upstream. This filesystem can be mounted from user namespaces, meaning that this is...
UBUNTU-CVE-2019-15793
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into inituserns, whereas they should have been translated in...