Lucene search
Veracode Vulnerability DatabaseVERACODE:27022HistorySep 21, 2020 - 6:31 a.m.
Arbitrary Code Execution
2020-09-2106:31:00
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
33.4%
gce-compute-image-packages is vulnerable to arbitrary code execution. Using the membership to the “lxd” group, an attacker can attach host devices and filesystems, and to attach the host OS filesystem and modify /etc/sudoers to then gain administrative privileges.
References
lists.opensuse.org/opensuse-security-announce/2020-07/msg00037.html
lists.opensuse.org/opensuse-security-announce/2020-07/msg00047.html
cloud.google.com/support/bulletins/#gcp-2020-008
github.com/GoogleCloudPlatform/guest-oslogin/pull/29
gitlab.com/gitlab-com/gl-security/gl-redteam/red-team-tech-notes/-/tree/master/oslogin-privesc-june-2020
Related
debiancve
debiancve
CVE-2020-8933
2020-06-22 14:15:11
ubuntucve
ubuntucve
CVE-2020-8933
2020-06-22 00:00:00
cvelist
cvelist
CVE-2020-8933 Priviged Escalation in Google Cloud Platform's Guest-OSLogin
2020-06-22 13:45:26
nvd
nvd
CVE-2020-8933
2020-06-22 14:15:11
prion
prion
Design/Logic Flaw
2020-06-22 14:15:00
osv
osv
CVE-2020-8933
2020-06-22 14:15:11
vulnrichment
vulnrichment
CVE-2020-8933 Priviged Escalation in Google Cloud Platform's Guest-OSLogin
2020-06-22 13:45:26
cve
cve
CVE-2020-8933
2020-06-22 14:15:11
nessus
nessus
openSUSE Security Update : google-compute-engine (openSUSE-2020-996)
2020-07-20 00:00:00
openSUSE Security Update : google-compute-engine (openSUSE-2020-1014)
2020-07-20 00:00:00
suse
suse
Security update for google-compute-engine (important)
2020-07-19 00:00:00
Security update for google-compute-engine (important)
2020-07-18 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:2200-1)
2021-06-09 00:00:00