2006 matches found
Important: kernel
Issue Overview: A flaw was found in the Linux kernel. This flaw allows attackers to cause a denial of service soft lockup by triggering the destruction of a large SEV VM, which requires unregistering many encrypted regions. The highest threat from this vulnerability is to system availability...
AZL-7489 CVE-2021-43566 affecting package samba 4.12.5-7
All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for...
AZL-37006 CVE-2021-43566 affecting package samba for versions less than 4.18.3-1
All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for...
DEBIAN-CVE-2021-43566
All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for...
ALPINE-CVE-2021-43566
All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for...
UBUNTU-CVE-2021-43566
All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for...
USN-5217-1 linux-oem-5.14 vulnerabilities
It was discovered that the NFS server implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-4090 It was discovered that the eBPF implementation in th...
PT-2021-8132 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a buffer overflow in the NFSD component of the Linux kernel. If a client sends a READDIR count argument that is too small, the buffer size calculation results i...
UBUNTU-CVE-2021-4090
An out-of-bounds OOB memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmvalbmlen-1 in nfsd4decodebitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system...
PT-2021-8069 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to an out-of-bounds memory write flaw in the NFSD of the Linux kernel, specifically in the nfsd4 decode bitmap4 function. This flaw may allow a local attacker with...
samba: Symlink race error can allow directory creation outside of the exported share
All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for...
CLSA-2021-1632262296 Fix of CVE: CVE-2021-38160, CVE-2021-3573, CVE-2021-38205, CVE-2021-3178, CVE-2021-20265, CVE-2021-3612, CVE-2021-32399, CVE-2021-37159, CVE-2014-4508, CVE-2021-28972, CVE-2021-34693, CVE-2021-20292
ELSCVE-666: CVE-2021-34693: can: bcm: fix infoleak in struct bcmmsghead - ELSCVE-705: CVE-2021-38160: virtioconsole: Assure used length from device is limited - ELSCVE-769: CVE-2014-4508: x8632, entry: Do syscall exit work on badsys CVE-2014-4508 - ELSCVE-844: CVE-2021-3573: Bluetooth: use...
Vulnerability of services for the NFS ONCRPC XDR driver on Microsoft Windows operating systems, allowing a hacker to execute arbitrary code.
The vulnerability of services for the NFS ONCRPC XDR driver on Microsoft Windows is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted request...
kernel: slab-out-of-bounds access in xdr_set_page_base() in net/sunrpc/xdr.c
A flaw was found in the Linux kernel that allows remote attackers to cause a denial of service xdrsetpagebase slab-out-of-bounds access by performing many NFS 4.2 READPLUS operations. The highest threat from this vulnerability is to system availability...
kernel: slab-out-of-bounds access in xdr_set_page_base() in net/sunrpc/xdr.c
A flaw was found in the Linux kernel that allows remote attackers to cause a denial of service xdrsetpagebase slab-out-of-bounds access by performing many NFS 4.2 READPLUS operations. The highest threat from this vulnerability is to system availability...
The vulnerability of services for the NFS ONCRPC XDR driver on Windows operating systems allows a intruder to gain unauthorized access to protected information.
The vulnerability of services for the NFS ONCRPC XDR driver on Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of services for the NFS ONCRPC XDR driver on Windows operating systems allows a intruder to gain unauthorized access to protected information.
The vulnerability of services for the NFS ONCRPC XDR driver on Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of services for the NFS ONCRPC XDR driver on Windows operating systems allows a intruder to gain unauthorized access to protected information.
The vulnerability of services for the NFS ONCRPC XDR driver on Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of services for the NFS ONCRPC XDR driver on Microsoft Windows operating systems allows a intruder to gain unauthorized access to protected information.
The vulnerability of services for the NFS ONCRPC XDR driver on Microsoft Windows systems is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information by sending specially crafted requests...
fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd.
...