kernel: NFSD: Fix exposure in nfsd4_decode_bitmap()

REJECTED CVE In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix exposure in nfsd4decodebitmap The Linux kernel CVE team has assigned CVE-2021-47213 to this issue...

PT-2024-11228 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel related to the NFSD, specifically in the nfsd4 decode bitmap function. The issue was reported by [email protected]. Recommendation...

An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw a local attacker with user privilege may gain access to out-of-bounds memory leading to a system integrity and confidentiality threat.

...

PYSEC-2020-253

TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...