CVE-2022-47952 : LXC UP TO 5.0.1 LXC-USER-NIC PRIVILEGE ESCALATION - Prophaze

CVE-2022-47952 : LXC UP TO 5.0.1 LXC-USER-NIC PRIVILEGE ESCALATION

Description

lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because “Failed to open” often indicates that a file does not exist, whereas “does not refer to a network namespace path” often indicates that a file exists. NOTE: this is different from CVE-2018-6556 because the CVE-2018-6556 fix design was based on the premise that “we will report back to the user that the open() failed but the user has no way of knowing why it failed”; however, in many realistic cases, there are no plausible reasons for failing except that the file does not exist.

References

https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1783591/comments/45

https://github.com/MaherAzzouzi/CVE-2022-47952

https://github.com/lxc/lxc/blob/0b83d71c2c8f3bac9503f894cd84584f79258bb3/lxc.spec.in#L274

https://github.com/lxc/lxc/blob/0b83d71c2c8f3bac9503f894cd84584f79258bb3/src/lxc/cmd/lxc_user_nic.c#L1085-L1104

For More Information

Contact us to get started

CVE-2025-23208 : ZOT UP TO 2.1.1 API SETUSERGROUPS PRIVILEGES MANAGEMENT

CVE-2025-23208 : ZOT UP TO 2.1.1 API SETUSERGROUPS PRIVILEGES MANAGEMENT

Description zot is a production-ready vendor-neutral OCI image registry. The group data stored for users in the boltdb database (meta.db)

CVE-2024-12867 : ARCTIC SECURITY ARCTIC HUB UP TO 5.5.1872 CONFIGURATION SERVER-SIDE REQUEST FORGERY

CVE-2024-12867 : ARCTIC SECURITY ARCTIC HUB UP TO 5.5.1872 CONFIGURATION SERVER-SIDE REQUEST FORGERY

Description Server-Side Request Forgery in URL Mapper in Arctic Security’s Arctic Hub versions 3.0.1764-5.6.1877 allows an unauthenticated remote attacker to

CVE-2024-12840 : RED HAT SATELLITE HTTP PROXY SERVER-SIDE REQUEST FORGERY

CVE-2024-12840 : RED HAT SATELLITE HTTP PROXY SERVER-SIDE REQUEST FORGERY

Description A server-side request forgery exists in Satellite. When a PUT HTTP request is made to /http_proxies/test_connection, when supplied with

img:is([sizes="auto" i],[sizes^="auto," i]){contain-intrinsic-size:3000px 1500px;}.wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em;}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none;}:root{--wp--preset--aspect-ratio--square:1;--wp--preset--aspect-ratio--4-3:4/3;--wp--preset--aspect-ratio--3-4:3/4;--wp--preset--aspect-ratio--3-2:3/2;--wp--preset--aspect-ratio--2-3:2/3;--wp--preset--aspect-ratio--16-9:16/9;--wp--preset--aspect-ratio--9-16:9/16;--wp--preset--color--black:#000;--wp--preset--color--cyan-bluish-gray:#abb8c3;--wp--preset--color--white:#fff;--wp--preset--color--pale-pink:#f78da7;--wp--preset--color--vivid-red:#cf2e2e;--wp--preset--color--luminous-vivid-orange:#ff6900;--wp--preset--color--luminous-vivid-amber:#fcb900;--wp--preset--color--light-green-cyan:#7bdcb5;--wp--preset--color--vivid-green-cyan:#00d084;--wp--preset--color--pale-cyan-blue:#8ed1fc;--wp--preset--color--vivid-cyan-blue:#0693e3;--wp--preset--color--vivid-purple:#9b51e0;--wp--preset--color--pink:#ff3467;--wp--preset--color--blue:#2550de;--wp--preset--color--light-blue:#287ac7;--wp--preset--color--dark-blue:#353f58;--wp--preset--color--silver:#656970;--wp--preset--color--clouds:#f7fbff;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple:linear-gradient(135deg,rgba(6,147,227,1) 0%,#9b51e0 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan:linear-gradient(135deg,#7adcb4 0%,#00d082 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange:linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red:linear-gradient(135deg,rgba(255,105,0,1) 0%,#cf2e2e 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray:linear-gradient(135deg,#eee 0%,#a9b8c3 100%);--wp--preset--gradient--cool-to-warm-spectrum:linear-gradient(135deg,#4aeadc 0%,#9778d1 20%,#cf2aba 40%,#ee2c82 60%,#fb6962 80%,#fef84c 100%);--wp--preset--gradient--blush-light-purple:linear-gradient(135deg,#ffceec 0%,#9896f0 100%);--wp--preset--gradient--blush-bordeaux:linear-gradient(135deg,#fecda5 0%,#fe2d2d 50%,#6b003e 100%);--wp--preset--gradient--luminous-dusk:linear-gradient(135deg,#ffcb70 0%,#c751c0 50%,#4158d0 100%);--wp--preset--gradient--pale-ocean:linear-gradient(135deg,#fff5cb 0%,#b6e3d4 50%,#33a7b5 100%);--wp--preset--gradient--electric-grass:linear-gradient(135deg,#caf880 0%,#71ce7e 100%);--wp--preset--gradient--midnight:linear-gradient(135deg,#020381 0%,#2874fc 100%);--wp--preset--font-size--small:13px;--wp--preset--font-size--medium:20px;--wp--preset--font-size--large:36px;--wp--preset--font-size--x-large:42px;--wp--preset--spacing--20:.44rem;--wp--preset--spacing--30:.67rem;--wp--preset--spacing--40:1rem;--wp--preset--spacing--50:1.5rem;--wp--preset--spacing--60:2.25rem;--wp--preset--spacing--70:3.38rem;--wp--preset--spacing--80:5.06rem;--wp--preset--shadow--natural:6px 6px 9px rgba(0,0,0,.2);--wp--preset--shadow--deep:12px 12px 50px rgba(0,0,0,.4);--wp--preset--shadow--sharp:6px 6px 0px rgba(0,0,0,.2);--wp--preset--shadow--outlined:6px 6px 0px -3px rgba(255,255,255,1),6px 6px rgba(0,0,0,1);--wp--preset--shadow--crisp:6px 6px 0px rgba(0,0,0,1);}:where(.is-layout-flex){gap:.5em;}:where(.is-layout-grid){gap:.5em;}body .is-layout-flex{display:flex;}.is-layout-flex{flex-wrap:wrap;align-items:center;}.is-layout-flex > :is(*,div){margin:0;}body .is-layout-grid{display:grid;}.is-layout-grid > :is(*,div){margin:0;}:where(.wp-block-columns.is-layout-flex){gap:2em;}:where(.wp-block-columns.is-layout-grid){gap:2em;}:where(.wp-block-post-template.is-layout-flex){gap:1.25em;}:where(.wp-block-post-template.is-layout-grid){gap:1.25em;}.has-black-color{color:var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color:var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color:var(--wp--preset--color--white) !important;}.has-pale-pink-color{color:var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color:var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color:var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color:var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color:var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color:var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color:var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color:var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color:var(--wp--preset--color--vivid-purple) !important;}.has-black-background-color{background-color:var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color:var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color:var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color:var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color:var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color:var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color:var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color:var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color:var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color:var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color:var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color:var(--wp--preset--color--vivid-purple) !important;}.has-black-border-color{border-color:var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color:var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color:var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color:var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color:var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color:var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color:var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color:var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color:var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color:var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color:var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color:var(--wp--preset--color--vivid-purple) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background:var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background:var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background:var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background:var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background:var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background:var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background:var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background:var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background:var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background:var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background:var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background:var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size:var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size:var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size:var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size:var(--wp--preset--font-size--x-large) !important;}:where(.wp-block-post-template.is-layout-flex){gap:1.25em;}:where(.wp-block-post-template.is-layout-grid){gap:1.25em;}:where(.wp-block-columns.is-layout-flex){gap:2em;}:where(.wp-block-columns.is-layout-grid){gap:2em;}:root :where(.wp-block-pullquote){font-size:1.5em;line-height:1.6;}.e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload),.e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload) *{background-image:none !important;}@media screen and (max-height: 1024px){.e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload),.e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload) *{background-image:none !important;}.e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload).nitro-lazy,.e-con.e-parent:nth-of-type(n+3):not(.e-lazyloaded):not(.e-no-lazyload) *.nitro-lazy{background-image:none !important;}}@media screen and (max-height: 640px){.e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload),.e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload) *{background-image:none !important;}.e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload).nitro-lazy,.e-con.e-parent:nth-of-type(n+2):not(.e-lazyloaded):not(.e-no-lazyload) *.nitro-lazy{background-image:none !important;}}.e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload).nitro-lazy,.e-con.e-parent:nth-of-type(n+4):not(.e-lazyloaded):not(.e-no-lazyload) *.nitro-lazy{background-image:none !important;}body.custom-background{background-color:#fff;}@media (min-width: 992px){.nav__flex-parent{height:90px;}.nav{min-height:90px;}.nav__menu > li > a{line-height:90px;}.nav--sticky.sticky .nav__flex-parent{height:68px;}.nav--sticky.sticky .nav__menu > li > a{line-height:68px;color:#656970;}.nav__menu > li{padding-left:12px;padding-right:12px;}.nav--default{background-color:rgba(255,255,255,0);}.nav--default .nav__menu > li > a{color:#000;}.nav--default .nav__dropdown-menu,.nav--default .nav__menu > .nav__dropdown > .nav__dropdown-menu:before{background-color:#001b70;}.nav--default .nav__dropdown-menu > li > a{color:#fff;}.nav--default .nav__dropdown-menu > li > a:hover,.nav--default .nav__dropdown-menu > li > a:focus{color:#5579fd;}.nav--sticky.sticky{background-color:rgba(255,255,255,1);}.nav--sticky.sticky .nav__menu > li > a:hover,.nav--sticky.sticky .nav__menu > li.active > a,.nav--sticky.sticky .nav__menu > .current_page_parent > a,.nav--sticky.sticky .nav__menu .current-menu-item > a{color:#1e73be;}.nav--transparent{background-color:rgba(255,255,255,0);}.nav--transparent .nav__menu > li > a{color:#fff;}.nav--transparent .nav__menu > li > a:hover,.nav--transparent .nav__menu > li > a:focus .nav--transparent .nav__menu > li.active > a,.nav--transparent .nav__menu > .current_page_parent > a{color:#fff;}.nav--transparent .nav__dropdown-menu,.nav--transparent .nav__menu > .nav__dropdown > .nav__dropdown-menu:before{background-color:#fff;}.nav--transparent .nav__dropdown-menu > li:not(.current-menu-item) > a{color:#656970;}.nav--transparent .nav__dropdown-menu > li > a:hover,.nav--transparent .nav__dropdown-menu > li > a:focus{color:#2550de;}}@media (max-width: 991px){.nav__header{height:60px;}.nav{min-height:60px;background-color:#fff;}.nav__menu > li > a{color:#353f58;}.nav__menu li a{border-bottom-color:rgba(231,234,240,1);}}.nav__header .logo{max-height:60px;}.nav--sticky.sticky .nav__header .logo{max-height:48px;}.page-title{padding-top:90px;padding-bottom:115px;background-color:#fff;}a,.loader,.highlight,.comment-edit-link,.footer .widget.widget_calendar a,.widget_rss .rsswidget:hover,.widget_recent_entries a:hover,.widget_recent_comments a:hover,.widget_nav_menu a:hover,.widget_archive a:hover,.widget_pages a:hover,.widget_categories a:hover,.widget_meta a:hover,.footer__nav-menu li a:hover,.footer__widgets .widget a:hover,.copyright a:hover,.copyright a:focus,.link-underline:hover,.link-underline:focus,.case-study__category:hover,.case-study__category:focus{color:#0c8ff8;}.btn,.btn--color,button,input[type="button"],input[type="reset"],input[type="submit"],.button,.btn--button:focus,.btn:hover,.elementor-widget-button .elementor-button,a.cc-btn.cc-dismiss,.mc4wp-form-fields input[type=submit]:focus,.post-password-form label + input,#back-to-top:hover,.widget_tag_cloud a:hover,.entry__tags a:hover,.page-numbers.current,.pagination a:hover,.link-underline:after,.project-filter a.active,.project-filter a:hover,.project-filter a:focus{background-color:#0c8ff8;}input:focus,textarea:focus{border-color:#1f1ddb;}.elementor-widget-tabs .elementor-tab-title.elementor-active{border-top-color:#0c8ff8;}.blog-section,.archive-section,.search-results-section{background-color:#fff;}.nav--default .nav__menu > li > a:hover,.nav--default .nav__menu > li > a:focus,.nav--default .nav__menu > li.active > a,.nav--default .nav__menu > .current_page_parent > a,.nav--default .nav__menu .current-menu-item > a{color:#1e73be;}.nav--default .nav__btn{background-color:#001b70;color:#fff;}.nav--default .nav__btn:hover,.nav--default .nav__btn:focus{background-color:#d11c46;}.nav--sticky.sticky .nav__btn{background-color:#001b70;color:#fff;}.nav--transparent .nav__btn{background-color:#ff3467;color:#fff;}.nav--transparent .nav__btn:hover,.nav--default .nav__btn:focus{background-color:#81d742;}.nav__icon-toggle-bar{background-color:#282e38;}.page-title__title{color:#353f58;}.page-title__subtitle{color:#656970;}.breadcrumbs-wrap{background-color:#f7fbff;}.breadcrumbs a{color:#353f58;}.breadcrumbs__separator{color:#656970;}.breadcrumbs > span{color:#656970;}.entry__article p a,.entry__article li:not(.wp-social-link) a{color:#000;}.entry__meta li,.entry__meta a,.comment-date{color:#fff;}h1,h2,h3,h4,h5,h6{color:#353f58;}body,.deo-newsletter-gdpr-checkbox__label,figcaption,.comment-form-cookies-consent label,.pagination span,.pagination a{color:#656970;}.elementor-widget-wp-widget-recent-posts a,.widget_recent_entries a,.elementor-widget-wp-widget-nav_menu a,.widget_nav_menu a,.elementor-widget-wp-widget-categories a,.widget_categories a,.elementor-widget-wp-widget-pages a,.widget_pages a,.elementor-widget-wp-widget-pages-archives a,.widget_archive a,.elementor-widget-wp-widget-meta a,.widget_meta a{color:#656970;}.footer{background-color:#032747;}.footer__bottom,.footer{border-color:#fff;}.footer .widget-title{color:#000;}.footer,.footer .social,.footer__nav-menu li a,.footer .widget_recent_entries a,.footer .widget_nav_menu a,.footer .widget_categories a,.footer .widget_pages a,.footer .widget_archive a,.footer .widget_meta a{color:#fff;}.copyright,.copyright a{color:#fff;}.footer__col-2 > .widget:first-child .widget-title{color:#46d19b;}.footer__col-2 > .widget:last-child .widget-title{color:#fff;}.footer__col-3 > .widget:first-child .widget-title{color:#fff;}.footer__col-3 > .widget:last-child .widget-title{color:#f38e26;}.cc-window{background-color:#114a9a;}.cc-message{color:#fff;}.cc-link,.cc-link:active,.cc-link:visited,.cc-link:hover,.cc-link:focus{color:#fff;}a.cc-btn.cc-dismiss{background-color:#3f890b;color:#fff;}h1,.h1{font-family:Rubik;font-size:38px;font-weight:500;letter-spacing:-.05em;line-height:1.3;}h2,.h2{font-family:Rubik;font-size:32px;font-weight:500;letter-spacing:-.05em;line-height:1.3;}h3,.h3{font-family:Lato;}h4,.h4{font-family:Rubik;font-size:24px;font-weight:500;letter-spacing:-.05em;line-height:1.3;}h5,.h5{font-family:Rubik;font-size:20px;font-weight:500;letter-spacing:-.05em;line-height:1.3;}h6,.elementor-widget-tabs .elementor-tab-title,.elementor-accordion .elementor-tab-title{font-family:Rubik;font-size:16px;font-weight:500;letter-spacing:-.05em;line-height:1.3;}body,input{font-size:15px;}.entry__article{font-size:1.125rem;line-height:1.8;}.nav__menu li a{font-size:16px;}