Количество 125
Количество 125
CVE-2018-13405
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.
CVE-2018-13405
The inode_init_owner function in fs/inode.c in the Linux kernel throug ...
SUSE-SU-2018:2472-1
Security update for the Linux Kernel (Live Patch 1 for SLE 15)
SUSE-SU-2018:2387-1
Security update for the Linux Kernel (Live Patch 13 for SLE 12 SP2)
ELSA-2018-4196
ELSA-2018-4196: Unbreakable Enterprise kernel security update (IMPORTANT)
SUSE-SU-2018:2474-1
Security update for the Linux Kernel (Live Patch 0 for SLE 15)
SUSE-SU-2018:2413-1
Security update for the Linux Kernel (Live Patch 2 for SLE 12 SP3)
SUSE-SU-2018:2328-1
Security update for the Linux Kernel
SUSE-SU-2018:1309-1
Security update for the Linux Kernel
SUSE-SU-2018:1080-1
Security update for the Linux Kernel
GHSA-496w-f8vc-3275
The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.
BDU:2019-00255
Уязвимость функции do_get_mempolicy() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2018:2374-1
Security update for the Linux Kernel
SUSE-SU-2018:0848-1
Security update for the Linux Kernel
SUSE-SU-2018:0834-1
Security update for the Linux Kernel
SUSE-SU-2018:1172-1
Security update for the Linux Kernel
GHSA-5p56-pcgw-42mf
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.
ELSA-2019-0717
ELSA-2019-0717: kernel security and bug fix update (IMPORTANT)
BDU:2022-05860
Уязвимость функции inode_init_owner компонента fs/inode.c ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
SUSE-SU-2018:1375-1
Security update for the Linux Kernel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-13405 The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID. | CVSS3: 7.8 | 0% Низкий | почти 7 лет назад |
| CVE-2018-13405 The inode_init_owner function in fs/inode.c in the Linux kernel throug ... | CVSS3: 7.8 | 0% Низкий | почти 7 лет назад |
 | SUSE-SU-2018:2472-1 Security update for the Linux Kernel (Live Patch 1 for SLE 15) | почти 7 лет назад | ||
| SUSE-SU-2018:2387-1 Security update for the Linux Kernel (Live Patch 13 for SLE 12 SP2) | почти 7 лет назад | ||
| ELSA-2018-4196 ELSA-2018-4196: Unbreakable Enterprise kernel security update (IMPORTANT) | почти 7 лет назад | ||
| SUSE-SU-2018:2474-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15) | почти 7 лет назад | ||
| SUSE-SU-2018:2413-1 Security update for the Linux Kernel (Live Patch 2 for SLE 12 SP3) | почти 7 лет назад | ||
| SUSE-SU-2018:2328-1 Security update for the Linux Kernel | почти 7 лет назад | ||
| SUSE-SU-2018:1309-1 Security update for the Linux Kernel | около 7 лет назад | ||
| SUSE-SU-2018:1080-1 Security update for the Linux Kernel | около 7 лет назад | ||
| GHSA-496w-f8vc-3275 The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls. | CVSS3: 7.8 | 0% Низкий | около 3 лет назад |
 | BDU:2019-00255 Уязвимость функции do_get_mempolicy() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.8 | 0% Низкий | больше 6 лет назад |
| SUSE-SU-2018:2374-1 Security update for the Linux Kernel | почти 7 лет назад | ||
| SUSE-SU-2018:0848-1 Security update for the Linux Kernel | около 7 лет назад | ||
| SUSE-SU-2018:0834-1 Security update for the Linux Kernel | около 7 лет назад | ||
| SUSE-SU-2018:1172-1 Security update for the Linux Kernel | около 7 лет назад | ||
| GHSA-5p56-pcgw-42mf The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID. | CVSS3: 7.8 | 0% Низкий | около 3 лет назад |
| ELSA-2019-0717 ELSA-2019-0717: kernel security and bug fix update (IMPORTANT) | около 6 лет назад | ||
| BDU:2022-05860 Уязвимость функции inode_init_owner компонента fs/inode.c ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании | CVSS3: 7.8 | 0% Низкий | почти 7 лет назад |
| SUSE-SU-2018:1375-1 Security update for the Linux Kernel | около 7 лет назад |
Уязвимостей на страницу