Ubuntu Security Notice 5316-1 - Reginaldo Silva discovered that due to a packaging issue, a remote attacker with the ability to execute arbitrary Lua scripts could possibly escape the Lua sandbox and execute arbitrary code on the host.
718b2b6d3a087eac0f4c8ad6851f928119904aee0cbd3ce9edeb4a0558c3a329
Red Hat Security Advisory 2022-0759-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include a privilege escalation vulnerability.
6f828294aa6a99310c545d9e148b3d1ba0a2c006adc731924bcca8f448f87c47
Variant proof of concept exploit for the Dirty Pipe file overwrite vulnerability. This version hijacks a SUID binary to spawn a root shell.
896e5b87da1c2dcdc6b5bf2a4c03daf9da0145521f3b205c1bcf72db8ff2340f
Proof of concept for a vulnerability in the Linux kernel existing since version 5.8 that allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes.
44e38035938b0841fe6c4b79375b95d9bdcc4665c0a63ed1dcb0ca5df0c03212