Suggestions search

All statuses

Filter by:

With package: perl538Packages.LinuxFD

Found 3 matching suggestions

View:

Compact

Detailed

Untriaged

Permalink CVE-2023-32629

7.8 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months ago

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip …

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels

References

https://ubuntu.com/security/notices/USN-6250-1 vendor-advisory
https://lists.ubuntu.com/archives/kernel-team/2023-July/140920.html mailing-list
https://wiz.io/blog/ubuntu-overlayfs-vulnerability technical-description
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32629 issue-tracking
http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-L…
https://ubuntu.com/security/notices/USN-6250-1 vendor-advisory x_transferred
https://lists.ubuntu.com/archives/kernel-team/2023-July/140920.html mailing-list x_transferred
https://wiz.io/blog/ubuntu-overlayfs-vulnerability x_transferred technical-description
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32629 issue-tracking x_transferred
http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-L… x_transferred
https://ubuntu.com/security/notices/USN-6250-1 vendor-advisory
https://lists.ubuntu.com/archives/kernel-team/2023-July/140920.html mailing-list
https://wiz.io/blog/ubuntu-overlayfs-vulnerability technical-description
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32629 issue-tracking
http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-L…
https://wiz.io/blog/ubuntu-overlayfs-vulnerability x_transferred technical-description
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32629 issue-tracking x_transferred
http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-L… x_transferred
https://ubuntu.com/security/notices/USN-6250-1 vendor-advisory x_transferred
https://lists.ubuntu.com/archives/kernel-team/2023-July/140920.html mailing-list x_transferred
https://ubuntu.com/security/notices/USN-6250-1 vendor-advisory
https://lists.ubuntu.com/archives/kernel-team/2023-July/140920.html mailing-list
https://wiz.io/blog/ubuntu-overlayfs-vulnerability technical-description
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32629 issue-tracking
http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-L…
https://ubuntu.com/security/notices/USN-6250-1 vendor-advisory x_transferred
https://lists.ubuntu.com/archives/kernel-team/2023-July/140920.html mailing-list x_transferred
https://wiz.io/blog/ubuntu-overlayfs-vulnerability x_transferred technical-description
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32629 issue-tracking x_transferred
http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-L… x_transferred

Affected products

Linux

<6.0.0-1020.20
<5.4.0-155.172
<6.2.0-26.26

ubantu_kernel

<6.0.0-1020.20
<5.4.0-155.172
<.2.0-26.26

Matching in nixpkgs

pkgs.m33-linux

Linux program that can communicate with the Micro 3D printer

nixos-unstable -
- nixpkgs-unstable 0-unstable-2016-06-23

pkgs.vibrantlinux

Tool to automate managing your screen's saturation depending on what programs are running

nixos-unstable -
- nixpkgs-unstable 2.2.0

pkgs.perlPackages.LinuxFD

Linux specific special filehandles

nixos-unstable -
- nixpkgs-unstable 0.014

pkgs.perlPackages.LinuxACL

Perl extension for reading and setting Access Control Lists for files by libacl linux library

nixos-unstable -
- nixpkgs-unstable 0.05

pkgs.perl538Packages.LinuxFD

Linux specific special filehandles

nixos-unstable -
- nixpkgs-unstable 0.014

pkgs.perl540Packages.LinuxFD

Linux specific special filehandles

nixos-unstable -
- nixpkgs-unstable 0.014

pkgs.perl538Packages.LinuxACL

Perl extension for reading and setting Access Control Lists for files by libacl linux library

nixos-unstable -
- nixpkgs-unstable 0.05

pkgs.perl540Packages.LinuxACL

Perl extension for reading and setting Access Control Lists for files by libacl linux library

nixos-unstable -
- nixpkgs-unstable 0.05

pkgs.perlPackages.Linuxusermod

This module adds, removes and modify user and group accounts according to the passwd and shadow files syntax

nixos-unstable -
- nixpkgs-unstable 0.69

pkgs.perlPackages.LinuxInotify2

Scalable directory/file change notification for Perl on Linux

nixos-unstable -
- nixpkgs-unstable Inotify2-2.3

pkgs.perl538Packages.Linuxusermod

This module adds, removes and modify user and group accounts according to the passwd and shadow files syntax

nixos-unstable -
- nixpkgs-unstable 0.69

pkgs.perl540Packages.Linuxusermod

This module adds, removes and modify user and group accounts according to the passwd and shadow files syntax

nixos-unstable -
- nixpkgs-unstable 0.69

pkgs.perl538Packages.LinuxInotify2

Scalable directory/file change notification for Perl on Linux

nixos-unstable -
- nixpkgs-unstable Inotify2-2.3

pkgs.perl540Packages.LinuxInotify2

Scalable directory/file change notification for Perl on Linux

nixos-unstable -
- nixpkgs-unstable Inotify2-2.3

pkgs.perlPackages.LinuxDesktopFiles

Fast parsing of the Linux desktop files

nixos-unstable -
- nixpkgs-unstable 0.25

pkgs.perlPackages.LinuxDistribution

Perl extension to detect on which Linux distribution we are running

nixos-unstable -
- nixpkgs-unstable 0.23

pkgs.perl538Packages.LinuxDesktopFiles

Fast parsing of the Linux desktop files

nixos-unstable -
- nixpkgs-unstable 0.25

pkgs.perl538Packages.LinuxDistribution

Perl extension to detect on which Linux distribution we are running

nixos-unstable -
- nixpkgs-unstable 0.23

pkgs.perl540Packages.LinuxDesktopFiles

Fast parsing of the Linux desktop files

nixos-unstable -
- nixpkgs-unstable 0.25

pkgs.perl540Packages.LinuxDistribution

Perl extension to detect on which Linux distribution we are running

nixos-unstable -
- nixpkgs-unstable 0.23

Package maintainers

@de11n Elliot Cameron <nixpkgs-commits@deshaw.com>
@invokes-su Souvik Sen <nixpkgs-commits@deshaw.com>
@despsyched Priyanshu Tripathi <priyanshu.tripathi@deshaw.com>
@Scrumplex Sefa Eyeoglu <contact@scrumplex.net>
@unclamped Maru <clear6860@tutanota.com>

Untriaged

Permalink CVE-2023-5536

5.0 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): HIGH
Privileges required (PR): HIGH
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): NONE
Availability impact (A): NONE

created 6 months ago

A feature in LXD (LP#1829071), affects the default configuration of …

A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password.

References

https://ubuntu.com/security/CVE-2023-5536 issue-tracking
https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1829071 issue-tracking
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5536 issue-tracking
https://discourse.ubuntu.com/t/easy-multi-user-lxd-setup/26215/4 mitigation
https://discourse.ubuntu.com/t/easy-multi-user-lxd-setup/26215/4 mitigation x_transferred
https://ubuntu.com/security/CVE-2023-5536 issue-tracking x_transferred
https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1829071 issue-tracking x_transferred
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5536 issue-tracking x_transferred

Affected products

Linux

<24.04

Matching in nixpkgs

pkgs.m33-linux

Linux program that can communicate with the Micro 3D printer

nixos-unstable -
- nixpkgs-unstable 0-unstable-2016-06-23

pkgs.vibrantlinux

Tool to automate managing your screen's saturation depending on what programs are running

nixos-unstable -
- nixpkgs-unstable 2.2.0

pkgs.perlPackages.LinuxFD

Linux specific special filehandles

nixos-unstable -
- nixpkgs-unstable 0.014

pkgs.perlPackages.LinuxACL

Perl extension for reading and setting Access Control Lists for files by libacl linux library

nixos-unstable -
- nixpkgs-unstable 0.05

pkgs.perl538Packages.LinuxFD

Linux specific special filehandles

nixos-unstable -
- nixpkgs-unstable 0.014

pkgs.perl540Packages.LinuxFD

Linux specific special filehandles

nixos-unstable -
- nixpkgs-unstable 0.014

pkgs.perl538Packages.LinuxACL

Perl extension for reading and setting Access Control Lists for files by libacl linux library

nixos-unstable -
- nixpkgs-unstable 0.05

pkgs.perl540Packages.LinuxACL

Perl extension for reading and setting Access Control Lists for files by libacl linux library

nixos-unstable -
- nixpkgs-unstable 0.05

pkgs.perlPackages.Linuxusermod

This module adds, removes and modify user and group accounts according to the passwd and shadow files syntax

nixos-unstable -
- nixpkgs-unstable 0.69

pkgs.perlPackages.LinuxInotify2

Scalable directory/file change notification for Perl on Linux

nixos-unstable -
- nixpkgs-unstable Inotify2-2.3

pkgs.perl538Packages.Linuxusermod

This module adds, removes and modify user and group accounts according to the passwd and shadow files syntax

nixos-unstable -
- nixpkgs-unstable 0.69

pkgs.perl540Packages.Linuxusermod

This module adds, removes and modify user and group accounts according to the passwd and shadow files syntax

nixos-unstable -
- nixpkgs-unstable 0.69

pkgs.perl538Packages.LinuxInotify2

Scalable directory/file change notification for Perl on Linux

nixos-unstable -
- nixpkgs-unstable Inotify2-2.3

pkgs.perl540Packages.LinuxInotify2

Scalable directory/file change notification for Perl on Linux

nixos-unstable -
- nixpkgs-unstable Inotify2-2.3

pkgs.perlPackages.LinuxDesktopFiles

Fast parsing of the Linux desktop files

nixos-unstable -
- nixpkgs-unstable 0.25

pkgs.perlPackages.LinuxDistribution

Perl extension to detect on which Linux distribution we are running

nixos-unstable -
- nixpkgs-unstable 0.23

pkgs.perl538Packages.LinuxDesktopFiles

Fast parsing of the Linux desktop files

nixos-unstable -
- nixpkgs-unstable 0.25

pkgs.perl538Packages.LinuxDistribution

Perl extension to detect on which Linux distribution we are running

nixos-unstable -
- nixpkgs-unstable 0.23

pkgs.perl540Packages.LinuxDesktopFiles

Fast parsing of the Linux desktop files

nixos-unstable -
- nixpkgs-unstable 0.25

pkgs.perl540Packages.LinuxDistribution

Perl extension to detect on which Linux distribution we are running

nixos-unstable -
- nixpkgs-unstable 0.23

Package maintainers

@de11n Elliot Cameron <nixpkgs-commits@deshaw.com>
@invokes-su Souvik Sen <nixpkgs-commits@deshaw.com>
@despsyched Priyanshu Tripathi <priyanshu.tripathi@deshaw.com>
@Scrumplex Sefa Eyeoglu <contact@scrumplex.net>
@unclamped Maru <clear6860@tutanota.com>

Untriaged

Permalink CVE-2023-2640

7.8 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months ago

On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: …

On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs", an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks.