PT-2026-39131

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the NFS implementation where the system fails to return an error when a directory alias is found through nfs3 do create, nfs add or obtain, or d splice alias. In such...

CVE-2019-20427

In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between reqcapsulegetsize and tgtbrwwrite leads to a tgtshortio2pages integer...

CVE-2019-20429

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic via a modified lmbufcount field due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between sptlrpcsvcunwraprequest and lustremsghdrsizev2...

CVE-2019-20430

In the Lustre file system before 2.12.3, the mdt module has an LBUG panic via a large MDT Body eadatasize field due to the lack of validation for specific fields of packets sent by a client...

CVE-2019-20425

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustremsgstring, there is no validation of a certain length value derived from lustremsgbuflenv2...

CVE-2019-20431

In the Lustre file system before 2.12.3, the ptlrpc module has an osdmapremotetolocal out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. osdbufsget in the osdldiskfs module does not validate a certain length value...

CVE-2019-20426

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlmcancelhpreqcheck, there is no lockcount bounds check...

CVE-2019-20428

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic due to the lack of validation for specific fields of packets sent by a client. The ldlrequestcancel function mishandles a large lockcount parameter...

EUVD-2019-10980

Malware in sbrugna...

EUVD-2019-10979

Malware in sbrugna...

EUVD-2019-10973

Malware in sbrugna...

EUVD-2019-10971

Malware in sbrugna...

EUVD-2019-10972

Malware in sbrugna...

EUVD-2019-10978

Malware in sbrugna...

EUVD-2008-4949

Malware in sbrugna...

EUVD-2019-10976

Malware in sbrugna...

EUVD-2019-10974

Malware in sbrugna...

EUVD-2019-10977

Malware in sbrugna...

EUVD-2019-10975

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-20425

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets se...