Lucene search
+L

383 matches found

osv
osv
added 2021/02/02 6:15 p.m.4 views

DEBIAN-CVE-2021-21284

In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host filesystem they can...

6.8CVSS6.9AI score0.01065EPSS
Exploits0References1
osv
osv
added 2021/02/02 6:15 p.m.4 views

UBUNTU-CVE-2021-21284

In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host filesystem they can...

6.8CVSS5.8AI score0.01065EPSS
Exploits0References9
redhatcve
redhatcve
added 2020/10/21 12:15 a.m.36 views

CVE-2020-16120

A flaw was found in the User namespace on an overlay filesystem in the Linux Kernel, Where a file with no access privilege was able to copy the file to a user defined mount point. An attacker with a special user privilege locally may lead to a kernel information leak problem. Mitigation Red Hat...

5.1CVSS5.6AI score0.00396EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2020/10/13 5:0 p.m.51 views

CVE-2020-16120

Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a...

5.1CVSS6.8AI score0.00396EPSS
Exploits0References5
osv
osv
added 2020/09/27 10:22 a.m.8 views

OPENSUSE-SU-2020:1552-1 Security update for conmon, fuse-overlayfs, libcontainers-common, podman

This update for conmon, fuse-overlayfs, libcontainers-common, podman fixes the following issues: podman was updated to v2.0.6 bsc1175821 - install missing systemd units for the new Rest API bsc1175957 and a few man-pages that where missing before - Drop varlink API related bits in favor of the ne...

5.9CVSS7.2AI score0.01849EPSS
Exploits0References9
osv
osv
added 2020/09/16 6:15 p.m.2 views

CVE-2020-14348

It was found in AMQ Online before 1.5.2 that injecting an invalid field to a user's AddressSpace configuration of the user namespace puts AMQ Online in an inconsistent state, where the AMQ Online components do not operate properly, such as the failure of provisioning and the failure of creating...

4.3CVSS5.8AI score0.00808EPSS
Exploits0References1
osv
osv
added 2020/09/16 6:15 p.m.4 views

UBUNTU-CVE-2020-25039

Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution...

8.1CVSS7.1AI score0.02014EPSS
Exploits0References4
ubuntucve
ubuntucve
added 2020/09/16 6:15 p.m.27 views

CVE-2020-25039

Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution...

8.1CVSS7.1AI score0.02014EPSS
Exploits0References3
cve
cve
added 2020/09/16 5:43 p.m.70 views

CVE-2020-14348

AMQ Online prior to 1.5.2 is affected by CVE-2020-14348, where injecting an invalid top-level field into a user’s AddressSpace configuration in the user namespace can lead to an inconsistent state, causing provisioning and address-creation failures and degraded operation of AMQ Online components....

4.3CVSS4.6AI score0.00808EPSS
Exploits0References1Affected Software1
debiancve
debiancve
added 2020/09/16 5:42 p.m.26 views

CVE-2020-25039

Removed by vendor...

8.1CVSS7.1AI score0.02014EPSS
Exploits0
alpinelinux
alpinelinux
added 2020/09/16 5:42 p.m.17 views

CVE-2020-25039

Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution...

8.1CVSS8.5AI score0.02014EPSS
Exploits0
redhat
redhat
added 2020/07/29 3:21 p.m.4 views

AMQ: Denial of Service via unrecognized field injection

A flaw was found in AMQ Online before 1.5.2, where injecting an invalid field to a user's address space configuration of the user namespace puts AMQ Online in an inconsistent state. In this inconsistent state, the AMQ Online components do not operate properly. For example, the failure of...

4.3CVSS5.7AI score0.00808EPSS
Exploits0References4
redhatcve
redhatcve
added 2020/04/02 8:59 a.m.57 views

CVE-2018-18955

A flaw was found in the Linux kernel where mapwrite in kernel/usernamespace.c allows privilege escalation as it mishandles nested user namespaces with more than 5 UID or GID ranges. An unprivileged user with CAPSYSADMIN in an affected user namespace can bypass access controls on resources outside...

7.8CVSS3.8AI score0.07611EPSS
Exploits24References2
gitee
gitee
added 2020/01/14 8:53 p.m.15 views

Exploit for Use After Free in Linux Linux_Kernel

This repository contains various kernel exploits for Linux systems. The exploits target different vulnerabilities, including CVE-2016-8655, CVE-2017-1000112, CVE-2017-7308, and CVE-2018-18955, among others. The exploits are implemented in C and use various techniques, such as KASLR and SMEP/SMAP...

7.8CVSS7.1AI score0.20797EPSS
Exploits64
openvas
openvas
added 2020/01/14 12:0 a.m.28 views

openSUSE: Security Advisory for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork (openSUSE-SU-2020:0045-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.1AI score0.04409EPSS
Exploits1References2
osv
osv
added 2020/01/13 5:16 p.m.7 views

OPENSUSE-SU-2020:0045-1 Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues: Security issue fixed: - CVE-2019-16884: Fixed incomplete patch for LSM bypass via malicious Docker image that mount over a /proc directory bsc1152308. Bug fixes: - Update to Docker...

7.5CVSS7.9AI score0.04409EPSS
Exploits1References8
osv
osv
added 2020/01/08 8:6 a.m.7 views

SUSE-SU-2020:0035-1 Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues: Security issue fixed: - CVE-2019-16884: Fixed incomplete patch for LSM bypass via malicious Docker image that mount over a /proc directory bsc1152308. Bug fixes: - Update to Docker...

7.5CVSS7.8AI score0.04409EPSS
Exploits1References8
exploitdb
exploitdb
added 2019/11/20 12:0 a.m.360 views

Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfs/shiftfs Error Path

Tested on 19.10. Ubuntu's aufs kernel patch includes the following change which I interestingly can't see in the AUFS code at https://github.com/sfjro/aufs5-linux/blob/master/mm/mmap.c: ================================================================== +define vmafputvma vmadofputvma, func, LINE...

7AI score
Exploits0
packetstorm
packetstorm
added 2019/11/14 12:0 a.m.283 views

Ubuntu shiftfs refcount Underflow / Type Confusion

Ubuntu: refcount underflow and type confusion in shiftfs Tested on Ubuntu 19.10, kernel "5.3.0-19-generic 20-Ubuntu". Ubuntu ships a filesystem "shiftfs" in fs/shiftfs.c in the kernel tree that doesn't exist upstream. This filesystem can be mounted from user namespaces, meaning that this is...

0.2AI score0.00685EPSS
Exploits2
osv
osv
added 2019/11/12 6:0 p.m.5 views

UBUNTU-CVE-2019-15793

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into inituserns, whereas they should have been translated in...

8.8CVSS7.2AI score0.00685EPSS
Exploits2References4
Rows per page
Query Builder