48 matches found
fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8 when there is an NFS export of a subdirectory of a filesystem allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attack; see also the exports(5) no_subtree_check default behavior
...
CVE-2021-3178
fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attac...
DEBIAN-CVE-2021-3178
fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attac...
Default credentials
DISPUTED fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent...
CVE-2021-3178
fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attac...
CVE-2021-3178
CVE-2021-3178 affects the Linux kernel NFSv3 export path: when exporting a subdirectory, READDIRPLUS can leak the parent directory file handle, allowing a client to access files outside the exported subtree. Descriptions note this through kernel 5.10.8; some advisories reference fixes in patched ...
PT-2021-2999 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.10.8 Description: The issue is related to the fs/nfsd/nfs3xdr.c component in the Linux kernel, which allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS when there is an NFS...
kernel: denial of service in in xfs_setattr_nonsize in fs/xfs/xfs_iops.c
A flaw was found in the XFS file system in the Linux kernel. An acquired ILOCK was not freed/unlock when the call to xfsqmvopchownreserve fails and the lock is still held and can lead to denial to access for that device. This is primarily a local denial of service but could result in a remote...
CVE-2017-14387
The CVE-2017-14387 issue concerns EMC Isilon OneFS NFS exports. The affected products are OneFS versions 8.1.0.0, 8.0.1.0–8.0.1.1, and 8.0.0.0–8.0.0.4. The flaw is that changes to the default NFS export security flavor are not consistently propagated to all new and existing NFS exports configured...
EMC Isilon OneFS NFS Export Security Bypass Vulnerability
EMC Isilon OneFS is a distributed file system that supports EMC Isilon Horizontally Scalable Storage System from EMC Corporation. The system combines the three layers of a traditional storage architecture file system, volume manager and data protection into a single unified software layer to crea...
Privilege escalation
EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, and OneFS 7.2.0.x is affected by an NFS export vulnerability. Under certain conditions, after upgrading a cluster from OneFS 7.1.1.x or earlier, users may have unexpected levels of access to some NFS exports...
CVE-2017-4979
EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, and OneFS 7.2.0.x is affected by an NFS export vulnerability. Under certain conditions, after upgrading a cluster from OneFS 7.1.1.x or earlier, users may have unexpected levels of access to some NFS exports...
CVE-2017-4979
EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, and OneFS 7.2.0.x is affected by an NFS export vulnerability. Under certain conditions, after upgrading a cluster from OneFS 7.1.1.x or earlier, users may have unexpected levels of access to some NFS exports...
SUSE SLES11 Security Update : kernel (SUSE-SU-2016:1672-1)
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. Notable changes in this kernel : - It is now possible to mount a NFS export on the exporting host directly. The following security bugs were fixed : - CVE-2016-5244: A kernel information leak in...
Debian Security Advisory DSA 2743-1 (kfreebsd-9 - privilege escalation/information leak)
Several vulnerabilities have been discovered in the FreeBSD kernel that may lead to a privilege escalation or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-3077 Clement Lecigne from the Google Security Team reported an integer...
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20120710)
The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : - A NULL pointer dereference flaw was found in the nfctfrag6reasm function in the Linux kernel's netfilter IPv6 connection tracking implementation. A remote...
RedHat Update for kernel RHSA-2012:1064-01
Check for the Version of kernel OpenVAS Vulnerability Test RedHat Update for kernel RHSA-2012:1064-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
RedHat Update for kernel RHSA-2012:1064-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS 6 : kernel (CESA-2012:1064)
Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
RHEL 6 : kernel (RHSA-2012:1064)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:1064 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A NUL...