216 matches found
SUSE CVE-2014-8169
automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges via a Trojan horse program in the user home...
SUSE CVE-2018-1049
In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to...
GSD-2023-1001458 NFS: Fix an Oops in nfs_d_automount()
NFS: Fix an Oops in nfsdautomount This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit 5458bc0f9df639d83471ca384152cc62dbee0aeb, ...
GSD-2023-1000755 NFS: Fix an Oops in nfs_d_automount()
NFS: Fix an Oops in nfsdautomount This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit b6fd25d64b0de27991d6bd677f0adf69ad6ff07a, it...
SUSE-SU-2022:4056-1 Security update for systemd
This update for systemd fixes the following issues: - CVE-2022-3821: Fixed buffer overrun in formattimespan function bsc1204968. - Import commit 56bee38fd0da18dad5fc5c5d12c02238a22b50e2 8a70235d8a core: Add trigger limit for path units 93e544f3a0 core/mount: also add default before dependency for...
ALPINE-CVE-2022-40284
A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon...
Security Bulletin: Vulnerability in systemd affects Power Hardware Management Console (CVE-2019-6454)
Summary The systemd is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE Vulnerability Details CVEID: CVE-2019-6454 DESCRIPTION: The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provid...
autofs bug fix and enhancement update
The autofs utility controls the operation of the automount daemon. The daemon automatically mounts file systems when in use and unmounts them when they are not busy. Bug Fixes and Enhancements: autofs: already mounted as other than autofs or failed to unlink entry in tree BZ1973888...
autofs bug fix and enhancement update
An update is available for autofs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The autofs utility controls the operation of the automount daemon. The daemon...
systemd bug fix and enhancement update
The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...
[SECURITY] Fedora 30 Update: systemd-241-14.git18dd3fb.fc30
systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...
Fedora Update for freeipa FEDORA-2019-c64e1612f5
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 31 Update: freeipa-4.8.3-1.fc31
IPA is an integrated solution to provide centrally managed Identity users, hosts, services, Authentication SSO, 2FA, and Authorization host access control, SELinux user roles, services. The solution provides features for further integration with Linux based clients SUDO, automount and integration...
CVE-2017-16541
Firefox proxy settings can be bypassed by using the automount feature with autofs to create a mount point on the local file system. Content can be loaded from this mounted file system directly using a file: URI, bypassing configured proxy settings. This issue only affects OS X in default...
CVE-2019-2787
Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: Automount. Supported versions that are affected are 11.4 and 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via NFS to compromise Oracle Solaris. Successful...
CVE-2019-2787
Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: Automount. Supported versions that are affected are 11.4 and 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via NFS to compromise Oracle Solaris. Successful...
Design/Logic Flaw
Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: Automount. Supported versions that are affected are 11.4 and 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via NFS to compromise Oracle Solaris. Successful...
CVE-2019-2787
CVE-2019-2787 affects Oracle Solaris Automount (component Automount) on Solaris 11.4 and 10. Exploitation requires network access via NFS and is unauthenticated, with user interaction required. Impact: unauthorized update/insert/delete and read access to Solaris data. Base score CVSSv3.0 4.2 (MED...
Oracle Solaris Critical Patch Update : jul2019_SRU11_4_7_5_0
This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Oracle Solaris product of Oracle Sun Systems Products Suite component: Automount. Supported versions that are affected are 11.4 and 10. Difficult to exploit vulnerability allows...
Solaris 10 (x86) : 150380-02
Vulnerability in the Oracle Solaris product of Oracle Sun Systems Products Suite component: Automount. Supported versions that are affected are 11.4 and 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via NFS to compromise Oracle Solaris. Successful...