FileCatalyst Workflow 安全漏洞

FileCatalyst Workflow is a browser-based large file transfer solution from FileCatalyst, Inc. A security vulnerability exists in FileCatalyst Workflow that originates from an SQL injection attack that can be executed by a user with super administrator privileges...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

kernel: NFSD: Fix ia_size underflow

A vulnerability was found in the Linux kernel's NFSD, where an underflow in the iasize field can occur due to incorrect handling of file size types. When an NFS client sends a file size greater than the maximum value the system can handle, it can lead to an underflow in the iasize variable, causi...

kernel: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes

A vulnerability was found in the Linux kernel's NFSD, specifically in the handling of large file sizes during NFSv3 SETATTR and CREATE operations. The iasize field, being a signed 64-bit type, can lead to unexpected behavior when clients send size values larger than the maximum allowed. This...

kernel: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes

A vulnerability was found in the Linux kernel's NFSD, specifically in the handling of large file sizes during NFSv3 SETATTR and CREATE operations. The iasize field, being a signed 64-bit type, can lead to unexpected behavior when clients send size values larger than the maximum allowed. This...

The vulnerability of the Git-based software platform for collaborative code development on GitLab relates to an error in token processing by LFS. This error allows attackers to gain unauthorized access to protected information and write arbitrary files.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to an error in token processing for LFS operations. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information and...

UBUNTU-CVE-2024-3035

A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories...

Important: Red Hat Security Advisory: git-lfs security update

An update for git-lfs is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: git-lfs security update

An update for git-lfs is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update as...

SUSE CVE-2022-48827

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...

SUSE CVE-2022-48829

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::iasize is a lofft, so these NFSv3 procedures must be careful to deal with incoming client size values that are larger than s64max without corrupting the value...

CVE-2022-48829

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::iasize is a lofft, so these NFSv3 procedures must be careful to deal with incoming client size values that are larger than s64max without corrupting the value...

CVE-2022-48829

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::iasize is a lofft, so these NFSv3 procedures must be careful to deal with incoming client size values that are larger than s64max without corrupting the value...

DEBIAN-CVE-2022-48828

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix iasize underflow iattr::iasize is a lofft, which is a signed 64-bit type. NFSv3 and NFSv4 both define file size as an unsigned 64-bit type. Thus there is a range of valid file size values an NFS client can send that is...

DEBIAN-CVE-2022-48829

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::iasize is a lofft, so these NFSv3 procedures must be careful to deal with incoming client size values that are larger than s64max without corrupting the value...

UBUNTU-CVE-2022-48828

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix iasize underflow iattr::iasize is a lofft, which is a signed 64-bit type. NFSv3 and NFSv4 both define file size as an unsigned 64-bit type. Thus there is a range of valid file size values an NFS client can send that is...

UBUNTU-CVE-2022-48829

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::iasize is a lofft, so these NFSv3 procedures must be careful to deal with incoming client size values that are larger than s64max without corrupting the value...

CVE-2022-48829 NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::iasize is a lofft, so these NFSv3 procedures must be careful to deal with incoming client size values that are larger than s64max without corrupting the value...

CVE-2022-48829 NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::iasize is a lofft, so these NFSv3 procedures must be careful to deal with incoming client size values that are larger than s64max without corrupting the value...

Important: Red Hat Security Advisory: git-lfs security update

An update for git-lfs is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...