Security
Headlines
HeadlinesLatestCVEs

Tag

#ubuntu

CVE-2021-44731: USN-5292-1: snapd vulnerabilities | Ubuntu security notices | Ubuntu

A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitrary code and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1

CVE
Open in Source
#vulnerability#ubuntu#git#perl
CVE-2021-4120: USN-5292-1: snapd vulnerabilities | Ubuntu security notices | Ubuntu

snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1

CVE-2021-3578: Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug | The GitHub Blog

A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote code execution on the client.

CVE-2021-3752: [PATCH 5.15 187/917] Bluetooth: fix use-after-free error in lock_sock_nested()

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

CVE-2021-3752: [PATCH 5.15 187/917] Bluetooth: fix use-after-free error in lock_sock_nested()

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

CVE-2021-3578: Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug | The GitHub Blog

A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote code execution on the client.

CVE-2022-0611: Improper Privilege Management in snipe-it

Missing Authorization in Packagist snipe/snipe-it prior to 5.3.11.

CVE-2022-0581: Fuzz job crash output: fuzz-2022-02-07-6714.pcap (#17935) · Issues · Wireshark Foundation / wireshark · GitLab

Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file

CVE-2021-46462: SEGV /njs/src/njs_object.c:2136:24 in njs_object_set_prototype · Issue #449 · nginx/njs

njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c.

CVE-2022-0581: Fuzz job crash output: fuzz-2022-02-07-6714.pcap (#17935) · Issues · Wireshark Foundation / wireshark

Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file