Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 620
Alerts This Week
Warning Icon 1 620

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":1,"type":"x","order":3,"pct":100,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 1 articles for you...
172

Ubuntu 20.04 LTS Linux-GCP OverlayFS Privilege Escalation USN-8297-1

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8297-1 May 22, 2026 linux-gcp-5.15 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-gcp-5.15: Linux kernel for Google Cloud Platform (GCP) systems Details: Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-2640) Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-32629) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU drivers; - HID subsystem; - Intel Trace Hub HW tracing drivers; - IIO ADC drivers; - IRQ chip drivers; - Modular ISDN driver; - LED subsystem; - UACCE accelerator framework; - Ethernet bonding driver; - Network drivers; - STMicroelectronics network drivers; - Ethernet team driver; - NVME drivers; - PHY drivers; - SLIMbus drivers; - W1 Dallas's 1-wire bus driver; - Xen hypervisor drivers; - BTRFS file system; - Ext4 file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NTFS3 file system; - SMB network file system; - NFC subsystem; - BPFsubsystem; - IRQ subsystem; - Memory management; - Bluetooth subsystem; - CAN network layer; - Networking core; - IPv4 networking; - IPv6 networking; - L2TP protocol; - NET/ROM layer; - Network traffic control; - SCTP protocol; - TLS protocol; - XFRM subsystem; - Creative Sound Blaster X-Fi driver; - USB sound devices; (CVE-2023-53421, CVE-2023-53520, CVE-2023-53662, CVE-2023-54207, CVE-2025-38057, CVE-2025-38125, CVE-2025-38232, CVE-2025-38408, CVE-2025-38591, CVE-2025-40149, CVE-2025-40164, CVE-2025-68211, CVE-2025-68340, CVE-2025-68365, CVE-2025-68725, CVE-2025-68817, CVE-2025-71162, CVE-2025-71163, CVE-2025-71185, CVE-2025-71186, CVE-2025-71188, CVE-2025-71190, CVE-2025-71191, CVE-2025-71194, CVE-2025-71196, CVE-2025-71197, CVE-2025-71199, CVE-2026-22997, CVE-2026-22998, CVE-2026-22999, CVE-2026-23001, CVE-2026-23003, CVE-2026-23011, CVE-2026-23026, CVE-2026-23033, CVE-2026-23037, CVE-2026-23038, CVE-2026-23049, CVE-2026-23056, CVE-2026-23058, CVE-2026-23061, CVE-2026-23063, CVE-2026-23064, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075, CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083, CVE-2026-23084, CVE-2026-23085, CVE-2026-23087, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091, CVE-2026-23093, CVE-2026-23095, CVE-2026-23096, CVE-2026-23097, CVE-2026-23098, CVE-2026-23099, CVE-2026-23101, CVE-2026-23103, CVE-2026-23105, CVE-2026-23108, CVE-2026-23112, CVE-2026-23119, CVE-2026-23120, CVE-2026-23121, CVE-2026-23124, CVE-2026-23125, CVE-2026-23128, CVE-2026-23133, CVE-2026-23145, CVE-2026-23146, CVE-2026-23150, CVE-2026-23164, CVE-2026-23167, CVE-2026-23170, CVE-2026-23209) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS linux-image-5.15.0-1106-gcp 5.15.0-1106.115~20.04.1 Available with Ubuntu Pro linux-image-gcp 5.15.0.1106.115~20.04.1 Available with Ubuntu Pro linux-image-gcp-5.15 5.15.0.1106.115~20.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8297-1 CVE-2023-2640, CVE-2023-32629, CVE-2023-53421, CVE-2023-53520, CVE-2023-53662, CVE-2023-54207, CVE-2025-38057, CVE-2025-38125, CVE-2025-38232, CVE-2025-38408, CVE-2025-38591, CVE-2025-40149, CVE-2025-40164, CVE-2025-68211, CVE-2025-68340, CVE-2025-68365, CVE-2025-68725, CVE-2025-68817, CVE-2025-71162, CVE-2025-71163, CVE-2025-71185, CVE-2025-71186, CVE-2025-71188, CVE-2025-71190, CVE-2025-71191, CVE-2025-71194, CVE-2025-71196, CVE-2025-71197, CVE-2025-71199, CVE-2026-22997, CVE-2026-22998, CVE-2026-22999, CVE-2026-23001, CVE-2026-23003, CVE-2026-23011, CVE-2026-23026, CVE-2026-23033, CVE-2026-23037, CVE-2026-23038, CVE-2026-23049, CVE-2026-23056, CVE-2026-23058, CVE-2026-23061, CVE-2026-23063, CVE-2026-23064, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075, CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083, CVE-2026-23084, CVE-2026-23085, CVE-2026-23087, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091, CVE-2026-23093, CVE-2026-23095, CVE-2026-23096, CVE-2026-23097, CVE-2026-23098, CVE-2026-23099, CVE-2026-23101, CVE-2026-23103, CVE-2026-23105, CVE-2026-23108, CVE-2026-23112, CVE-2026-23119, CVE-2026-23120, CVE-2026-23121, CVE-2026-23124, CVE-2026-23125, CVE-2026-23128, CVE-2026-23133, CVE-2026-23145, CVE-2026-23146, CVE-2026-23150, CVE-2026-23164, CVE-2026-23167, CVE-2026-23170, CVE-2026-23209 . Fixes for critical security issues in Ubuntu's Linux kernel targeting GCP to prevent potential privilege escalation attacks.. Ubuntu Linux GCP Security kernel Privilege Escalation. . LinuxSecurity.com Team

Calendar%202 May 22, 2026 Ubuntu
172

Ubuntu 22.04 20.04 Kernel OverlayFS Privilege Escalation USN-8255-3 Alert

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8255-3 May 19, 2026 linux-nvidia-tegra-5.15, linux-raspi vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-raspi: Linux kernel for Raspberry Pi systems - linux-nvidia-tegra-5.15: Linux kernel for NVIDIA Tegra systems Details: Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-2640) Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-32629) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - NVME drivers; (CVE-2026-23112, CVE-2026-23273) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS linux-image-5.15.0-1100-raspi 5.15.0-1100.103 linux-image-raspi 5.15.0.1100.98 linux-image-raspi-5.15 5.15.0.1100.98 linux-image-raspi-nolpae 5.15.0.1100.98 Ubuntu 20.04 LTS linux-image-5.15.0-1058-nvidia-tegra 5.15.0-1058.58~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-1058-nvidia-tegra-rt 5.15.0-1058.58~20.04.1 Available with Ubuntu Pro linux-image-nvidia-tegra 5.15.0.1058.58~20.04.1 Available with Ubuntu Pro linux-image-nvidia-tegra-5.15 5.15.0.1058.58~20.04.1 Available with Ubuntu Pro linux-image-nvidia-tegra-rt 5.15.0.1058.58~20.04.1 Available with Ubuntu Pro linux-image-nvidia-tegra-rt-5.15 5.15.0.1058.58~20.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8255-3 https://ubuntu.com/security/notices/USN-8255-2 https://ubuntu.com/security/notices/USN-8255-1 CVE-2023-2640, CVE-2023-32629, CVE-2026-23112, CVE-2026-23273 Package Information: https://launchpad.net/ubuntu/+source/linux-raspi/5.15.0-1100.103 . Several security issues fixed in Ubuntu kernel, including overlayfs flaws that allow privilege escalation. Updates required.. Linux Kernel Update, Ubuntu Security Update, System Compromise, OverlayFS Issue. . LinuxSecurity.com Team

Calendar%202 May 19, 2026 Ubuntu
172

Ubuntu 20.04 LTS Linux Kernel USN-8255-2 Critical Local Escalation

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8255-2 May 11, 2026 linux-azure-5.15 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems Details: Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-2640) Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-32629) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - NVME drivers; (CVE-2026-23112, CVE-2026-23273) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS linux-image-5.15.0-1111-azure 5.15.0-1111.120~20.04.1 Available with Ubuntu Pro linux-image-azure 5.15.0.1111.120~20.04.1 Available with Ubuntu Pro linux-image-azure-5.15 5.15.0.1111.120~20.04.1 Available with Ubuntu Pro linux-image-azure-cvm 5.15.0.1111.120~20.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to anunavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8255-2 https://ubuntu.com/security/notices/USN-8255-1 CVE-2023-2640, CVE-2023-32629, CVE-2026-23112, CVE-2026-23273 . Several critical security fixes for the Ubuntu 20.04 LTS kernel address local privilege escalation risks.. Ubuntu Linux Kernel Security Update, OverlayFS Privileges, Critical Security Advisories. . LinuxSecurity.com Team

Calendar%202 May 11, 2026 Ubuntu
98

Red Hat Enterprise Linux 8 RHSA-2021:5241-01 Moderate: kernel-rt Update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: kernel-rt security and bug fix update Advisory ID: RHSA-2021:5241-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:5241 Issue date: 2021-12-21 CVE Names: CVE-2021-20321 ==================================================================== 1. Summary: An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Real Time for NFV (v. 8) - x86_64 Red Hat Enterprise Linux for Real Time (v. 8) - x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: In Overlayfs missing a check for a negative dentry before calling vfs_rename() (CVE-2021-20321) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the RHEL-8.5.z1 source tree (BZ#2023988) * [rt] RHEL-8.6: disable KASAN, KCSAN and UBSAN for kernel-rt (BZ#2026384) 4. Solution: For details on how to apply this update, which includes thechanges described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 2013242 - CVE-2021-20321 kernel: In Overlayfs missing a check for a negative dentry before calling vfs_rename() 6. Package List: Red Hat Enterprise Linux Real Time for NFV (v. 8): Source: kernel-rt-4.18.0-348.7.1.rt7.137.el8_5.src.rpm x86_64: kernel-rt-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-core-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-debug-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-debug-core-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-debug-debuginfo-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-debug-devel-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-debug-kvm-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-debug-modules-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-debug-modules-extra-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-debuginfo-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-debuginfo-common-x86_64-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-devel-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-kvm-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-modules-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-modules-extra-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm Red Hat Enterprise Linux for Real Time (v.8): Source: kernel-rt-4.18.0-348.7.1.rt7.137.el8_5.src.rpm x86_64: kernel-rt-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-core-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-debug-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-debug-core-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-debug-debuginfo-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-debug-devel-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-debug-modules-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-debug-modules-extra-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-debuginfo-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-debuginfo-common-x86_64-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-devel-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-modules-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm kernel-rt-modules-extra-4.18.0-348.7.1.rt7.137.el8_5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2021-20321 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYcHa0dzjgjWX9erEAQiaqQ//fB2LPmDURdQ6D3GJ5ZOG5XmRHNcpp770 uDHTljggUK4DnM7422e47ysfmfCHILvDQF6HyUgyNUOaYfLu9OcpqFDrdMWHI2q3 TrSp78BiZqZumEJt0s2C4yMBFGiClExTSQLgWN2atS50+R74vnTQyxEoeLc4GB7R kNKk32EZ/okO8Gfmnh4+XAqhtotLNYQPlIdpRfhhEFy7/7PkmbGpMJAIW40ZCRc4 szEGhQ28HN8thbumpPPkajZI+maa13luxVMoRAogQ8Q+A9/rI0Qu9ZMrRMBhgGcn OqH9QfS9xwEN3m26lxPq7lkIvocCOtW5LZOSjR8MiCqyON6r1R+9rgPEOcGvASJP 56Vyg106iStzmm0DhEWXpvwLrmXeyw9FfKqprMmfytboBLwSVYKnqinrSkGH8PRm 7A/YSyOKICUdnRxVdpRjABT5mSTWavdFwyChG9+Elgtfjpmhar+fp3Uxm5kZ68A4 ubrx7XM7RPKwcdvGMQeuld/h4bdlI04iiqrWiVhBJtY6qxBCLib6vzbfacO/GNu1 12Eubuxq3dC9U7P2zhgJ3zqTuFTLSQ1UYJFD/uHYsKnxmjAKPyzXQ7yRFuElprSx fso02oy6UfHQ7zjawjEZJoJ55dxu+iIqAZDE4dlynQQ5sWYjuJPL5WlaQnKmsvKP cvTGLEO0elQ=mSvK -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . A new version of kernel-rt has been released, which resolves security vulnerabilities with moderate risk for Red Hat Enterprise Linux 8.. Red Hat Security,kernel-rt Update,Security Impact,Bug Fix,Real Time Kernel. . LinuxSecurity.com Team

Calendar%202 Dec 21, 2021 Red Hat
172

Ubuntu 20.04 LTS USN-5141-1 Critical: Firejail File Overwrite Issue

Firejail could be made to overwrite files as the administrator.. =========================================================================Ubuntu Security Notice USN-5141-1 November 11, 2021 firejail vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Firejail could be made to overwrite files as the administrator. Software Description: - firejail: Application sandbox Details: Roman Fiedler discovered that a race condition existed in Firejail when using OverlayFS to prevent writes to the underlying file system. A local attacker could use this to gain administrative privileges. Note: this update disables support for OverlayFS in Firejail. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: firejail 0.9.62-3ubuntu0.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5141-1 CVE-2021-26910 Package Information: https://launchpad.net/ubuntu/+source/firejail/0.9.62-3ubuntu0.1 . Ubuntu Security Notification USN-5142-2 pertains to OpenSSL vulnerability, providing patch guidelines and remedial measures.. Firejail Vulnerability, Ubuntu Security Notice, Administrative Privileges. . LinuxSecurity.com Team

Calendar%202 Nov 11, 2021 Ubuntu
203

Mageia 7 & 8: 2021-0120 Critical: Firejail Root Escalation Fix

Roman Fiedler discovered a vulnerability in the OverlayFS code in firejail, which could result in root privilege escalation. This update disables OverlayFS support in firejail (CVE-2021-26910). References: . MGASA-2021-0120 - Updated firejail package fixes a security vulnerability Publication date: 12 Mar 2021 URL: https://advisories.mageia.org/MGASA-2021-0120.html Type: security Affected Mageia releases: 7, 8 CVE: CVE-2021-26910 Roman Fiedler discovered a vulnerability in the OverlayFS code in firejail, which could result in root privilege escalation. This update disables OverlayFS support in firejail (CVE-2021-26910). References: - https://bugs.mageia.org/show_bug.cgi?id=28322 - https://lists.debian.org/debian-security-announce/2021/msg00030.html - https://www.cve.org/CVERecord?id=CVE-2021-26910 SRPMS: - 8/core/firejail-0.9.64-1.1.mga8 - 7/core/firejail-0.9.56-2.3.mga7 . AppArmor security patch addresses root access vulnerability linked to OverlayFS. Update released on March 12, 2021.. Firejail Update, Mageia Security, OverlayFS Issue, Root Escalation. . LinuxSecurity.com Team

Calendar%202 Mar 11, 2021 Mageia
197

Debian 9 Stretch DLA-2554-1 Critical: Firejail OverlayFS Escalation Fix

Roman Fiedler discovered a vulnerability in the OverlayFS code in firejail, a sandbox program to restrict the running environment of untrusted applications, which could result in root privilege escalation. This update disables OverlayFS support in firejail. . - ----------------------------------------------------------------------- Debian LTS Advisory DLA-2554-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Utkarsh Gupta February 11, 2021 https://wiki.debian.org/LTS - ----------------------------------------------------------------------- Package : firejail Version : 0.9.44.8-2+deb9u2 CVE ID : CVE-2021-26910 Roman Fiedler discovered a vulnerability in the OverlayFS code in firejail, a sandbox program to restrict the running environment of untrusted applications, which could result in root privilege escalation. This update disables OverlayFS support in firejail. For Debian 9 stretch, this problem has been fixed in version 0.9.44.8-2+deb9u2. We recommend that you upgrade your firejail packages. For the detailed security status of firejail please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/firejail Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . A recent security update for Firejail on Debian LTS mitigates a privilege escalation risk linked to an OverlayFS weakness—users are advised to apply this update promptly.. Debian LTS Security, Firejail Update, Privilege Escalation Fix. . LinuxSecurity.com Team

Calendar%202 Feb 11, 2021 Debian LTS
87

Debian DSA-4849-1: Firejail Privilege Escalation Mitigated

Roman Fiedler discovered a vulnerability in the OverlayFS code in firejail, a sandbox program to restrict the running environment of untrusted applications, which could result in root privilege escalation. This update disables OverlayFS support in firejail. . - ------------------------------------------------------------------------- Debian Security Advisory DSA-4849-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso February 09, 2021 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : firejail CVE ID : CVE-2021-26910 Roman Fiedler discovered a vulnerability in the OverlayFS code in firejail, a sandbox program to restrict the running environment of untrusted applications, which could result in root privilege escalation. This update disables OverlayFS support in firejail. For the stable distribution (buster), this problem has been fixed in version 0.9.58.2-2+deb10u2. We recommend that you upgrade your firejail packages. For the detailed security status of firejail please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/firejail Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian Security Notice DSA-4850-1 tackles an issue in firejail's Seccomp implementation, mitigating potential risks of unauthorized access.. Debian Security Update, Firejail Fix, OverlayFS Patch. . LinuxSecurity.com Team

Calendar%202 Feb 09, 2021 Debian
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":1,"type":"x","order":3,"pct":100,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200