all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ZDI-23-1009: Canonical Ubuntu OverlayFS File System Missing Authorization Local Privilege Escalation Vulnerability

Add to bookmarks
July 28, 2023, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows local attackers to escalate privileges on affected installations of Canonical Ubuntu. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

attackers authorization canonical code escalation exploit file file system local local privilege escalation low missing order overlayfs privilege privileged privilege escalation privileges system target ubuntu vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-407: X.Org Server ProcRenderAddGlyphs Use-After-Free Local Privilege Escalation Vulnerability 1 day, 4 hours ago | www.zerodayinitiative.com
attacker attackers code cve +23
ZDI-24-406: Adobe After Effects AEP File Parsing Use-After-Free Remote Code Execution Vulnerability 1 day, 4 hours ago | www.zerodayinitiative.com
adobe adobe after effects aep after effects +18
ZDI-24-405: Lexmark CX331adwe IPP Server Authorization HTTP Header Heap-Based Buffer Overflow Remote Code Execution Vulnerability 1 day, 4 hours ago | www.zerodayinitiative.com
arbitrary code attackers authentication authorization +20
ZDI-24-415: (Pwn2Own) Oracle VirtualBox E1000 Uninitialized Memory Information Disclosure Vulnerability 1 day, 4 hours ago | www.zerodayinitiative.com
attacker attackers code cves +22
ZDI-24-414: (Pwn2Own) Oracle VirtualBox AHCI Controller Uninitialized Memory Information Disclosure Vulnerability 1 day, 4 hours ago | www.zerodayinitiative.com
attacker attackers code controller +22
ZDI-24-413: (Pwn2Own) Oracle VirtualBox DevVGA Out-Of-Bounds Write Local Privilege Escalation Vulnerability 1 day, 4 hours ago | www.zerodayinitiative.com
attacker attackers code cves +22
ZDI-24-412: (Pwn2Own) Oracle VirtualBox VirtIOCore Buffer Overflow Local Privilege Escalation Vulnerability 1 day, 4 hours ago | www.zerodayinitiative.com
attacker attackers buffer buffer overflow +23
ZDI-24-411: (Pwn2Own) Oracle VirtualBox BusLogic Uninitialized Memory Information Disclosure Vulnerability 1 day, 4 hours ago | www.zerodayinitiative.com
attacker attackers code cves +22
ZDI-24-410: Oracle VirtualBox vboxdrv Improper Privilege Management Local Privilege Escalation Vulnerability 1 day, 4 hours ago | www.zerodayinitiative.com
attacker attackers code cves +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Data & Security Engineer Lead

@ LiquidX | Singapore, Central Singapore, Singapore
View on infosec-jobs.com

IT and Cyber Risk Control Lead

@ GXS Bank | Singapore - OneNorth
View on infosec-jobs.com

Consultant Senior en Gestion de Crise Cyber et Continuité d’Activité H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

Cyber Security Analyst (Weekend 1st Shift)

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com

Senior Manager, Cybersecurity

@ BlueTriton Brands | Stamford, CT, US
View on infosec-jobs.com
View more jobs