This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1.Ī race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on transferred repositories by making a GraphQL mutation to alter repository permissions during the transfer. We recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.Ī race condition in GitHub Enterprise Server allows an outside collaborator to be added while a repository is being transferred. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |