On Ubuntu kernels carrying both c914c0e27eb0 and “UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs”, an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks.
https://lists.ubuntu.com/archives/kernel-team/2023-July/140923.html
https://ubuntu.com/security/notices/USN-6250-1
https://wiz.io/blog/ubuntu-overlayfs-vulnerability
Description McAfee Trial Installer 16.0.53 has Incorrect Access Control that leads to Local Escalation of Privileges. References https://www.mcafee.com/support/s/article/000002516?language=en_US For More
Description In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS
Description GLPI is a free asset and IT management software package. An authenticated user can exploit multiple SQL injection vulnerabilities.