exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

CVE-2022-0185

Status Candidate

Overview

A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.

Related Files

Ubuntu Security Notice USN-5362-1
Posted Apr 1, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5362-1 - Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by ARM to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-4083, CVE-2021-4090, CVE-2021-4155, CVE-2021-42327, CVE-2022-0001, CVE-2022-0185, CVE-2022-0330, CVE-2022-0435, CVE-2022-0492, CVE-2022-0516, CVE-2022-0742, CVE-2022-0847, CVE-2022-22942, CVE-2022-23222, CVE-2022-23960, CVE-2022-25636
SHA-256 | 15aee9355fdfa4005c244c11432f609c7d439bd4c9e2bb1fc22da50bd8c0cbbd
Red Hat Security Advisory 2022-0595-02
Posted Mar 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0595-02 - Red Hat Advanced Cluster Management for Kubernetes 2.3.6 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25704, CVE-2020-36322, CVE-2021-20321, CVE-2021-23566, CVE-2021-3521, CVE-2021-3712, CVE-2021-3872, CVE-2021-3918, CVE-2021-3984, CVE-2021-4019, CVE-2021-4034, CVE-2021-4122, CVE-2021-4155, CVE-2021-4192, CVE-2021-4193, CVE-2021-42574, CVE-2021-42739, CVE-2021-43565, CVE-2022-0155, CVE-2022-0185, CVE-2022-20612, CVE-2022-20617
SHA-256 | 2598df9c773007328e30775692ba0a74b35fca2f6cdbd52f2b81faf7636ae67b
Red Hat Security Advisory 2022-0735-01
Posted Mar 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0735-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Issues addressed include denial of service, open redirection, privilege escalation, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-22963, CVE-2021-3521, CVE-2021-3712, CVE-2021-3807, CVE-2021-3872, CVE-2021-3918, CVE-2021-3984, CVE-2021-4019, CVE-2021-4034, CVE-2021-41089, CVE-2021-41091, CVE-2021-4122, CVE-2021-4155, CVE-2021-4192, CVE-2021-4193, CVE-2021-42574, CVE-2021-43565, CVE-2021-43816, CVE-2021-43858, CVE-2022-0185, CVE-2022-0235, CVE-2022-24407, CVE-2022-24450
SHA-256 | 0f428578537f68dfaf14cf427f755f1edf5314f8b08ecb6c1be275b4a8bd343e
Red Hat Security Advisory 2022-0540-01
Posted Feb 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0540-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, heap overflow, and privilege escalation vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2021-4034, CVE-2021-4155, CVE-2021-45417, CVE-2022-0185
SHA-256 | 923f3586648f88116e40f30ce55effbcd7d2b6a803d6888a77b92b4b0e0c6d09
Red Hat Security Advisory 2022-0283-04
Posted Feb 3, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0283-04 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.42.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3121, CVE-2021-4154, CVE-2021-4155, CVE-2022-0185, CVE-2022-21248, CVE-2022-21277, CVE-2022-21282, CVE-2022-21283, CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365, CVE-2022-21366
SHA-256 | b534dd4b6617fbc93a6f5689f9254fa1f24dd599e91f50c3815185d89fde9713
Linux Kernel Slab Out-Of-Bounds Write
Posted Jan 26, 2022
Authored by Crusaders of Rust | Site github.com

This archive contains demo exploits for CVE-2022-0185. There are two versions here. The non-kctf version (fuse version) specifically targets Ubuntu with kernel version 5.11.0-44. It does not directly return a root shell, but makes /bin/bash suid, which will lead to trivial privilege escalation. Adjusting the single_start and modprobe_path offsets should allow it to work on most other Ubuntu versions that have kernel version 5.7 or higher; for versions between 5.1 and 5.7, the spray will need to be improved as in the kctf version. The exploitation strategy relies on FUSE and SYSVIPC elastic objects to achieve arbitrary write. The kctf version achieves code execution as the root user in the root namespace, but has at most 50% reliability - it is targeted towards Kubernetes 1.22 (1.22.3-gke.700). This exploitation strategy relies on pipes and SYSVIPC elastic objects to trigger a stack pivot and execute a ROP chain in kernelspace.

tags | exploit, arbitrary, shell, kernel, root, code execution, bash
systems | linux, ubuntu
advisories | CVE-2022-0185
SHA-256 | 8f9e0a3bd934c75bb63bb75c98368d05ec18006a64e52a0bc3f9ae155f0b72c1
Linux Kernel Slab Out-Of-Bounds Write
Posted Jan 26, 2022
Authored by Alejandro Guerrero

Local privilege escalation exploit for a Linux kernel slab out-of-bounds write vulnerability. This exploit has been tested in an Ubuntu 21.04 Hirsute with kernel 5.11.0.

tags | exploit, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-0185
SHA-256 | 46970cc27a7bf55e660be14e1e0975df3058aefb276d3341c8fb2e841fe683c9
Red Hat Security Advisory 2022-0232-02
Posted Jan 24, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0232-02 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a heap overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2021-4155, CVE-2022-0185
SHA-256 | 1021642cd93d107bd3c68e50bdb465f39863c1f58e9f9dd4d9463294024f05b0
Red Hat Security Advisory 2022-0231-03
Posted Jan 24, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0231-03 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include heap overflow and privilege escalation vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-4154, CVE-2021-4155, CVE-2022-0185
SHA-256 | 57770ee1c33dbd8dba6dacf04547cf9e17773b3c538fd57af340bf40ac1aa736
Kernel Live Patch Security Notice LSN-0084-1
Posted Jan 20, 2022
Authored by Benjamin M. Romer

William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2022-0185
SHA-256 | ebdd28169715872d3dae12d04faac30cc03a75e8432f2814b583409805684cf6
Ubuntu Security Notice USN-5240-1
Posted Jan 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5240-1 - William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-0185
SHA-256 | f38197d468b0ac1b459114cface6fdb664c54f6bfdf6561758bfbe79ee4a41e0
Red Hat Security Advisory 2022-0188-07
Posted Jan 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0188-07 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a heap overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2021-4155, CVE-2022-0185
SHA-256 | 9285d1161496f0d2f04d09373979faf3ed79e7a3f31a711af8ec8c440d65e0ce
Red Hat Security Advisory 2022-0186-07
Posted Jan 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0186-07 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include heap overflow and privilege escalation vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-4154, CVE-2021-4155, CVE-2022-0185
SHA-256 | 255bbad280ff777117f481929995d0e8be22db96c27a7cbab200dab6e85e611d
Red Hat Security Advisory 2022-0187-04
Posted Jan 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0187-04 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include heap overflow and privilege escalation vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-4154, CVE-2021-4155, CVE-2022-0185
SHA-256 | 027360ba53dd866197d83e94c2fa0af7a9631774a89b45f9aad23660f6067bd1
Red Hat Security Advisory 2022-0176-06
Posted Jan 19, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0176-06 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a heap overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2021-4155, CVE-2022-0185
SHA-256 | 3a8d39b382e67ddc84b361946493d6691df59cc769794212d341668be76b83b5
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close