Category

Linux Security

Security vulnerabilities and automated fixes for linux security issues

3 posts found

critical8 min

Buffer Over-Read in sslsniff.c find_library_path(): When strlen() Goes Out of Bounds

A high-severity buffer over-read vulnerability was discovered in `bpf/sslsniff.c` at line 515, where `memmove()` was called with a size derived from an unbounded `strlen()` on a pointer computed by searching within a fixed-size path buffer. An attacker able to influence `/proc` filesystem entries or `ldconfig` output could have triggered out-of-bounds memory reads or writes. The fix replaces the unsafe `strlen()` call with a bounds-aware `strnlen()` that constrains the operation to the remaining

#buffer-overflow#c-security#bpf+4 more
O
orbisai0security
Jun 1, 2026
high8 min

Locking Down Docker: Preventing Privilege Escalation in Container Services

A high-severity privilege escalation vulnerability was discovered in a Docker Compose configuration where the `nginx` service lacked the `no-new-privileges` security option and was running with a writable root filesystem. These misconfigurations could allow a compromised container process to gain elevated permissions or download and execute malicious payloads. The fix applies defense-in-depth by adding `no-new-privileges:true`, enforcing a read-only root filesystem, and redirecting writable path

#docker#container-security#privilege-escalation+4 more
O
orbisai0security
May 28, 2026
medium8 min

Command Injection in Firejail's netfilter.c: How Environment Variables Can Lead to Root Compromise

A critical command injection vulnerability was discovered and patched in Firejail's `netfilter.c`, where attacker-controlled environment variables could be used to inject shell metacharacters into a command string executed with elevated privileges. This type of vulnerability is particularly dangerous in security-focused tools like Firejail, which often run with root or elevated permissions, potentially allowing a local attacker to achieve full system compromise. The fix removes the unsafe `exec(

#command-injection#firejail#linux-security+4 more
O
orbisai0security
May 13, 2026