Lucene search
+L

383 matches found

redhatcve
redhatcve
added 2018/02/16 5:51 p.m.29 views

CVE-2018-7169

An issue was discovered in newgidmap, in shadow-utils, that allows an unprivileged user to be placed in a user namespace where setgroups is permitted. An attacker could use this flaw to remove himself from a supplementary group, which may allow access to certain filesystem paths, if the...

5.3CVSS3.5AI score0.01596EPSS
Exploits1References1
nvd
nvd
added 2018/02/15 8:29 p.m.26 views

CVE-2018-7169

An issue was discovered in shadow 4.5. newgidmap in shadow-utils is setuid and allows an unprivileged user to be placed in a user namespace where setgroups2 is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if...

5.3CVSS5.3AI score0.01596EPSS
Exploits1References2
prion
prion
added 2018/02/15 8:29 p.m.20 views

Privilege escalation

An issue was discovered in shadow 4.5. newgidmap in shadow-utils is setuid and allows an unprivileged user to be placed in a user namespace where setgroups2 is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if...

5CVSS5.1AI score0.01596EPSS
Exploits1References2Affected Software1
osv
osv
added 2018/02/15 8:29 p.m.2 views

DEBIAN-CVE-2018-7169

An issue was discovered in shadow 4.5. newgidmap in shadow-utils is setuid and allows an unprivileged user to be placed in a user namespace where setgroups2 is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if...

5.3CVSS7.5AI score0.01596EPSS
Exploits1References1
ubuntucve
ubuntucve
added 2018/02/15 8:29 p.m.29 views

CVE-2018-7169

An issue was discovered in shadow 4.5. newgidmap in shadow-utils is setuid and allows an unprivileged user to be placed in a user namespace where setgroups2 is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if...

5.3CVSS6.4AI score0.01596EPSS
Exploits1References3
osv
osv
added 2018/02/15 8:29 p.m.5 views

UBUNTU-CVE-2018-7169

An issue was discovered in shadow 4.5. newgidmap in shadow-utils is setuid and allows an unprivileged user to be placed in a user namespace where setgroups2 is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if...

5.3CVSS6.4AI score0.01596EPSS
Exploits1References4
cvelist
cvelist
added 2018/02/15 7:0 p.m.28 views

CVE-2018-7169

An issue was discovered in shadow 4.5. newgidmap in shadow-utils is setuid and allows an unprivileged user to be placed in a user namespace where setgroups2 is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if...

5.2AI score0.01596EPSS
Exploits1References2
nessus
nessus
added 2018/01/12 12:0 a.m.49 views

OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0007) (Spectre)

The remote OracleVM system is missing necessary patches to address critical security updates : - x86/ibrs: Remove 'ibrsdump' and remove the prdebug Konrad Rzeszutek Wilk Orabug: 27350825 - kABI: Revert kABI: Make the bootcpudata look normal Konrad Rzeszutek Wilk CVE-2017-5715 - userns: prevent...

5.6CVSS7.5AI score0.93838EPSS
Exploits12References3
googleprojectzero
googleprojectzero
added 2017/05/10 12:0 a.m.246 views

Exploiting the Linux kernel via packet sockets

Guest blog post, posted by Andrey Konovalov Introduction Lately I’ve been spending some time fuzzing network-related Linux kernel interfaces with syzkaller. Besides the recently discovered vulnerability in DCCP sockets, I also found another one, this time in packet sockets. This post describes ho...

7.8CVSS7.9AI score0.17827EPSS
Exploits34
packetstorm
packetstorm
added 2017/04/01 12:0 a.m.1259 views

Ubuntu PT Chown Privilege Escalation

Source: http://www.halfdog.net/Security/2015/PtChownArbitraryPtsAccessViaUserNamespace/ Introduction Problem description: With Ubuntu Wily and earlier, /usr/lib/ptchown was used to change ownership of slave pts devices in /dev/pts to the same uid holding the master file descriptor for the slave...

7.2CVSS0.8AI score0.01081EPSS
Exploits2
zdt
zdt
added 2017/03/29 12:0 a.m.107 views

Ubuntu 14.04/15.10 - User Namespace Overlayfs Xattr Setgid Privilege Escalation Vulnerability

Exploit for linux platform in category local exploits Source: http://www.halfdog.net/Security/2016/UserNamespaceOverlayfsXattrSetgidPrivilegeEscalation/ Introduction Problem description: Linux user namespace allows to mount file systems as normal user, including the overlayfs. As many of those...

7.2CVSS7.6AI score0.00923EPSS
Exploits2
exploitdb
exploitdb
added 2016/11/22 12:0 a.m.89 views

Ubuntu 14.04/15.10 - User Namespace Overlayfs Xattr SetGID Privilege Escalation

Source: http://www.halfdog.net/Security/2016/UserNamespaceOverlayfsXattrSetgidPrivilegeEscalation/ Introduction Problem description: Linux user namespace allows to mount file systems as normal user, including the overlayfs. As many of those features were not designed with namespaces in mind, this...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2016/11/22 12:0 a.m.19 views

Ubuntu 14.0415.10 - User Namespace Overlayfs Xattr SetGID Privilege Escalation

Ubuntu 14.0415.10 - User Namespace Overlayfs Xattr SetGID Privilege Escalation Source: http://www.halfdog.net/Security/2016/UserNamespaceOverlayfsXattrSetgidPrivilegeEscalation/ Introduction Problem description: Linux user namespace allows to mount file systems as normal user, including the...

0.7AI score
Exploits0
redhat
redhat
added 2016/09/15 7:39 a.m.9 views

kernel: compat IPT_SO_SET_REPLACE setsockopt

A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled wit...

7.8CVSS7.2AI score0.05676EPSS
Exploits10References4
redhat
redhat
added 2016/09/14 11:41 p.m.6 views

kernel: compat IPT_SO_SET_REPLACE setsockopt

A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled wit...

7.8CVSS7.2AI score0.05676EPSS
Exploits10References4
ubuntucve
ubuntucve
added 2016/06/24 12:0 a.m.43 views

CVE-2016-4998

The IPTSOSETREPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service out-of-bounds read or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted...

7.1CVSS7AI score0.01885EPSS
Exploits1References13
cnvd
cnvd
added 2016/05/03 12:0 a.m.7 views

Linux kernel denial of service vulnerability (CNVD-2016-02796)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A denial of service vulnerability exists in the 'collectmounts' function in the fs/namespace.c file in versions of Linux kernel prior to 4.0.5, which stems from a program's...

5.5CVSS5.9AI score0.00367EPSS
Exploits0References1
cnvd
cnvd
added 2016/05/03 12:0 a.m.7 views

Linux kernel arbitrary file read vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. An arbitrary file read vulnerability exists in the fs/namespace.c file in versions of Linux kernel prior to 4.0.2, which stems from a program that does not properly support...

5.5CVSS6.1AI score0.00355EPSS
Exploits0References1
cnvd
cnvd
added 2016/05/03 12:0 a.m.6 views

Linux kernel fs_pin implementation denial of service vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A denial of service vulnerability exists in the fspin implementation of Linux kernel versions prior to 4.0.5, which arises from the program's failure to ensure internal...

5.5CVSS7.2AI score0.0037EPSS
Exploits0References1
nvd
nvd
added 2016/05/02 10:59 a.m.20 views

CVE-2015-4178

The fspin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service system crash by leveraging user-namespace root access for an MNTDETACH umount2 system call, related to...

5.5CVSS5.1AI score0.0037EPSS
Exploits0References7
Rows per page
Query Builder