Page 7 of 1251 results (0.013 seconds)

CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 1

CVE-2022-29581 – kernel: use-after-free due to improper update of reference count in net/sched/cls_u32.c

https://notcve.org/view.php?id=CVE-2022-29581

Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. Una vulnerabilidad de actualización inapropiada del recuento de referencias en net/sched del Kernel de Linux permite a un atacante local causar una escalada de privilegios a root. Este problema afecta a: Las versiones del Kernel de Linux anteriores a 5.18; la versión 4.14 y posteriores A use-after-free flaw was found in u32_change in net/sched/cls_u32.c in the network subcomponent of the Linux kernel. This flaw allows a local attacker to crash the system, cause a privilege escalation, and leak kernel information. • http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html http://packetstormsecurity.com/files/168191/Kernel-Live-Patch-Security-Notice-LSN-0089-1.html http://www.openwall.com/lists/oss-security/2022/05/18/2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3db09e762dc79584a69c10d74a6b98f89a9979f8 https://kernel.dance/#3db09e762dc79584a69c10d74a6b98f89a9979f8 https://security.netapp.com/advisory/ntap-20220629-0005 https://www.debian.org/security • CWE-416: Use After Free CWE-911: Improper Update of Reference Count •

CVSS: 8.6EPSS: 0%CPEs: 27EXPL: 2

CVE-2022-1055 – Use after Free in tc_new_tfilter allowing for privilege escalation in Linux Kernel

https://notcve.org/view.php?id=CVE-2022-1055

A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 se presenta un uso de memoria previamente liberada en el Kernel de Linux en la función tc_new_tfilter que podría permitir a un atacante local alcanzar una escalada de privilegios. La explotación requiere espacios de nombres de usuarios no privilegiados. Recomendamos actualizar el commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 A use-after-free vulnerability was found in the tc_new_tfilter function in net/sched/cls_api.c in the Linux kernel. • http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 https://kernel.dance/#04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 https://security.netapp.com/advisory/ntap-20220506-0007 https://syzkaller.appspot.com/bug?id=2212474c958978ab86525fe6832ac8102c309ffc https://access.redhat.com/security/cve/CVE-2022-1055 https://bugzilla.redhat.com/show_bug.cgi?id=2070220 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 9%CPEs: 50EXPL: 5

CVE-2022-0492 – kernel: cgroups v1 release_agent feature may allow privilege escalation

https://notcve.org/view.php?id=CVE-2022-0492

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly. Se ha encontrado una vulnerabilidad en la función cgroup_release_agent_write en el archivo kernel/cgroup/cgroup-v1.c del kernel de Linux. Este fallo, bajo determinadas circunstancias, permite el uso de la función cgroups v1 release_agent para escalar privilegios y saltarse el aislamiento del espacio de nombres de forma no esperada • https://github.com/chenaotian/CVE-2022-0492 https://github.com/SofianeHamlaoui/CVE-2022-0492-Checker https://github.com/yoeelingBin/CVE-2022-0492-Container-Escape https://github.com/T1erno/CVE-2022-0492-Docker-Breakout-Checker-and-PoC https://github.com/bb33bb/CVE-2022-0492 http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html http://packetstormsecurity.com/files/17 • CWE-287: Improper Authentication CWE-862: Missing Authorization •

CVSS: 8.2EPSS: 0%CPEs: 6EXPL: 2

CVE-2021-4120 – snapd could be made to bypass intended access restrictions through snap content interfaces and layout paths

https://notcve.org/view.php?id=CVE-2021-4120

snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1 snapd versión 2.54.2, no lleva a cabo una comprobación suficiente de la interfaz de contenido de snap y de las rutas de diseño, resultando en una posibilidad de que los snaps inyecten reglas de política de AppArmor arbitrarias por medio de declaraciones de interfaz de contenido y de diseño mal formadas y, por tanto, escapen al confinamiento estricto de snap. Corregido en snapd versiones 2.54.3+18.04, 2.54.3+20.04 y 2.54.3+21.10.1 • http://www.openwall.com/lists/oss-security/2022/02/18/2 https://bugs.launchpad.net/snapd/+bug/1949368 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QTBN7LLZISXIA4KU4UKDR27Q5PXDS2U https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCGHG6LJAVJJ72TMART6A7N4Z6MSTGI7 https://ubuntu.com/security/notices/USN-5292-1 • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2021-44730 – snapd could be made to escalate privileges and run programs as administrator

https://notcve.org/view.php?id=CVE-2021-44730

snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1 snapd versión 2.54.2, no comprueba apropiadamente la ubicación del binario snap-confine. Un atacante local que pueda enlazar este binario a otra ubicación puede causar que snap-confine ejecute otros binarios arbitrarios y, por lo tanto, alcanzar una escalada de privilegios. Corregido en snapd versiones 2.54.3+18.04, 2.54.3+20.04 y 2.54.3+21.10.1 • http://www.openwall.com/lists/oss-security/2022/02/18/2 http://www.openwall.com/lists/oss-security/2022/02/23/1 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QTBN7LLZISXIA4KU4UKDR27Q5PXDS2U https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCGHG6LJAVJJ72TMART6A7N4Z6MSTGI7 https://ubuntu.com/security/notices/USN-5292-1 https://www.debian.org/security/2022/dsa-5080 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •