7 matches found
CVE-2026-31431
CVE-2026-31431 is a local privilege escalation in the Linux kernel’s algif_aead/AF_ALG path. The root cause is an in-place operation bug in the AEAD handling, which can be exercised via AF_ALG sockets with the authencesn algorithm and splice() to corrupt the kernel page cache of readable files wi...
CVE-2017-18017
CVE-2017-18017 affects the Linux kernel’s tcpmss_mangle_packet in net/netfilter/xt_TCPMSS.c. When xt_TCPMSS is used in an iptables action, a remote attacker can trigger a use-after-free and memory corruption, leading to a denial of service. Affected versions are Linux kernel before 4.11, and 4.9....
CVE-2018-6556
CVE-2018-6556 affects lxc-user-nic where, when asked to delete a network interface, the code unconditionally opens a user-supplied path. This can let an unprivileged user infer the existence of a path they should not reach and may trigger side effects by opening (read-only) kernel files such as /...
CVE-2022-27239
CVE-2022-27239 affects cifs-utils up to version 6.14, due to a stack-based buffer overflow when parsing the mount.cifs ip= argument, enabling local attackers to gain root privileges. A patched version is available (e.g., cifs-utils 6.14-2 and later per advisories). Remediation is to update to a f...
CVE-2019-3682
The CVE-2019-3682 entry affects the docker-kubic package in SUSE CaaS Platform 3.0, specifically before 17.09.1_ce-7.6.1. The issue allows access to an insecure API locally on the Kubernetes master node, exposing the system to high-impact confidentiality, integrity, and availability risks (CVSSv3...
CVE-2020-8029
The CVE-2020-8029 entry concerns SUSE CaaS Platform 4.5 where the skuba component permits an Incorrect Permission Assignment for a Critical Resource, enabling local attackers to access the kublet key. Affected versions are skuba prior to the patch referenced by SUSE’s pull request #1416 (https://...
CVE-2020-8030
CVE-2020-8030 affects SUSE CaaS Platform 4.5, specifically the scuba/skuba join workflow that uses insecure temporary files in /tmp. The root cause is insecure handling of temporary files, enabling a local attacker to leak the bootstrapToken or modify the configuration file before it is processed...