Checkpoint Restore In Userspace
Monthly
The service daemon in CRIU does not properly restrict access to non-dumpable processes, which allows local users to obtain sensitive information via (1) process dumps or (2) ptrace access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
The service daemon in CRIU creates log and dump files insecurely, which allows local users to create arbitrary files and take ownership of existing files via unspecified vectors related to a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
The service daemon in CRIU does not properly restrict access to non-dumpable processes, which allows local users to obtain sensitive information via (1) process dumps or (2) ptrace access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
The service daemon in CRIU creates log and dump files insecurely, which allows local users to create arbitrary files and take ownership of existing files via unspecified vectors related to a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.