Posts
dnf5daemon-server: Incomplete fix of CVE-2024-1929 (CVE-2024-2746)
The dnf5 D-Bus daemon security issues we found previously have been incompletely fixed. This allows for local DoS, possibly Privilege Escalation.KDE6 release: D-Bus and Polkit Galore
In the context of the KDE desktop version 6 major release we looked into a series of D-Bus services using Polkit for authentication. This led to a couple of interesting findings and insights.dnf5daemon-server: Local root Exploit and Local Denial-of-Service in dnf5 D-Bus Components
The dnf5 D-Bus service component allows local attackers with access to the system bus to gain root privileges or trigger denial-of-service.Performance Co-Pilot (pcp): Unsafe use of Directories in /var/lib/pcp and /var/log/pcp breaks pcp Service User Isolation (CVE-2023-6917)
The pcp performance analysis toolkit operates as root in directories controlled by the pcp service user, which allows to escalate privileges from pcp user to root.darkhttpd: timing attack and local leak of HTTP basic auth credentials
This report deals with HTTP basic auth issues in the darkhttpd project. Darkhttpd is a minimal HTTP web server implemented in the C programming language, for serving static files.pam: pam_namespace misses O_DIRECTORY flag in protect_dir() (CVE-2024-22365)
This is report about a local denial of service vulnerability in the pam_namespace.so PAM module. This module is part of the core PAM modules that are found in the linux-pam project.budgie-extras: Multiple Predictable /tmp Path Issues in Various Applications
This report is about a range of predictable /tmp path issues in various applications in the budgie-extras repository. This repository contains a range of helper applications for the Budgie desktop environment.hplip: Security Issues in hpps Program due to Fixed /tmp Path Usage
This report is about the problematic use of fixed temporary paths in the hpps program from the hplip project. Hplip is a collection of utilities for HP printer and scanner devices.Security Issues in Passim Local Caching Server
This is a report about findings in the Passim local caching server. Passim is a relatively new project for a local caching server that helps distributing publicly available files in local networks to save network bandwidth.File Descriptor Hijack vulnerability in open-vm-tools (CVE-2023-34059)
During a routine review of the setuid-root binary vmware-user-suid-wrapper from the open-vm-tools repository, a security vulnerability was found. CVE-2023-34059 identifies the capability to hijack file descriptor in open-vm-tools.
subscribe via RSS