Skip to main content

Ubuntu Core

4 CVEs product

Monthly

CVE-2017-6507 MEDIUM PATCH This Month

An issue was discovered in AppArmor before 2.12. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Docker Privilege Escalation Apparmor Ubuntu Core Ubuntu Touch
NVD
CVSS 3.0
5.9
EPSS
0.3%
CVE-2016-1576 HIGH POC PATCH This Week

The overlayfs implementation in the Linux kernel through 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem on top. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Linux Ubuntu Core Ubuntu Linux Ubuntu Touch +1
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2016-1575 HIGH POC PATCH This Week

The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Linux Linux Kernel Ubuntu Core Ubuntu Linux +1
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.5%
CVE-2015-8325 HIGH This Week

The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

SSH Privilege Escalation Debian Linux Openssh Ubuntu Core +2
NVD VulDB
CVSS 3.0
7.8
EPSS
0.1%
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

An issue was discovered in AppArmor before 2.12. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Docker Privilege Escalation Apparmor +2
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

The overlayfs implementation in the Linux kernel through 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem on top. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Linux Ubuntu Core +3
NVD Exploit-DB
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Linux Linux Kernel +3
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH This Week

The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

SSH Privilege Escalation Debian Linux +4
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy