The vulnerability of the SmartOS WIFI router ADTRAn SR400ac allows a hacker to execute arbitrary code in the context of the root user.

The vulnerability of the SmartOS WIFI router ADTRAn SR400ac operating system is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of the root user...

CVE-2021-43395

An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle...

Design/Logic Flaw

An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle...

CVE-2021-43395

CVE-2021-43395 affects illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS CE r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923, plus Oracle Solaris 10/11. The issue allows a local unprivileged user to trigger a deadlock and kernel panic by issuing crafted rename and rmdir op...

CVE-2021-43395

An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle...

PT-2022-2027 · Oracle · Oracle Solaris

Name of the Vulnerable Software and Affected Versions: illumos versions before f859e7171bb5db34321e45585839c6c3200ebb90 OmniOS Community Edition version r151038 OpenIndiana Hipster version 2021.04 SmartOS version 20210923 Oracle Solaris versions 10 and 11 Description: A local unprivileged user ca...

CVE-2020-27678

An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parseusername in lib/libpam/pamframework.c...

CVE-2020-27678

An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parseusername in lib/libpam/pamframework.c...

Buffer overflow

An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parseusername in lib/libpam/pamframework.c...

The vulnerability of the SMB_IOC_SVCENUM function in the Joyent SmartOS operating system, which allows a hacker to execute arbitrary code.

The vulnerability of the SMBIOCSVCENUM function in the open-source operating system Joyent SmartOS is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Joyent SmartOS Hyprlofs Denial of Service Vulnerability

Joyent SmartOS is a set of open source operating system from Joyent, USA. A denial of service vulnerability exists in the Hyprlofs file system's Ioctl system call call with the help of the HYPRLOFSADDENTRIES command in Joyent SmartOS version 20161110T013148Z, which can be exploited by an attacker...

CVE-2016-9040

An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32 bit model. An attacker can cause a buffer to be allocated and never freed. When...

CVE-2016-9040

An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32 bit model. An attacker can cause a buffer to be allocated and never freed. When...

Design/Logic Flaw

An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32 bit model. An attacker can cause a buffer to be allocated and never freed. When...

CVE-2016-9040

An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32 bit model. An attacker can cause a buffer to be allocated and never freed. When...

CVE-2016-9040

CVE-2016-9040 : Joyent SmartOS Hyprlofs IOCTL ADD_ENTRIES (32-bit) vulnerability. Hyprlofs_ioctl allocates a buffer (len based on user input) and may not free it on all paths, enabling memory exhaustion and full system DoS with repeated calls. Affected: SmartOS 20161110T013148Z Hyprlofs file syst...

PT-2018-5058 · Joyent · Smartos

Name of the Vulnerable Software and Affected Versions: Joyent SmartOS OS version 20161110T013148Z Description: The issue is related to a denial of service in the Hyprlofs file system. It is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32-bit model. An...

The vulnerability of the kernel of the Solaris and SmartOS operating systems allows a hacker to execute arbitrary code.

The vulnerability of the kernels in Solaris and SmartOS is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Joyent SmartOS Elevation of Privilege Vulnerability

Joyent SmartOS is a set of open source operating system from Joyent, Inc. in the United States. A security vulnerability exists in the DTrace DOF file in the Joyent SmartOS release-20170803-20170803T064301Z, which stems from a program that makes it difficult to correctly validate user-submitted...

Design/Logic Flaw

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...