openSUSE 15 Security Update : kernel (openSUSE-SU-2022:1037-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:1037-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...

openSUSE 15 Security Update : kernel (openSUSE-SU-2022:0768-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0768-1 advisory. The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking...

CVE-2022-24448

CVE-2022-24448 affects the Linux kernel’s NFS path: in fs/nfs/dir.c, if an application opens a regular file with O_DIRECTORY set, nfs_atomic_open() does a regular lookup and returns uninitialized data in the file descriptor when a regular file is found instead of ENOTDIR. This issue is documented...

CVE-2012-1090

The cifslookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service OOPS via attempted access to a special file, as demonstrated by a FIFO...

Null pointer dereference

The cifscreate function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact via a NULL nameidata aka nd field in a POSIX file-creation request to a server that support...

Linux kernel 2.6.x cifs_create()函数空指针引用漏洞

BUGTRAQ ID: 39186 CVE ID: CVE-2010-1148 Linux Kernel是开放源码操作系统Linux所使用的内核 Linux Kernel的fs/cifs/dir.c文件中的cifscreate函数存在空指针引用错误。在支持unix扩展（如Samba）的服务器上创建文件时，如果所创建的文件没有提供nameidata（nd为空），cifs客户端在调用cifsposixopen时就会崩溃 Linux kernel 2.6.x 厂商补丁： Linux ----- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

CVE-2009-1630

The nfspermission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomicopen is available, does not check execute aka EXEC or MAYEXEC permission bits, which allows local users to bypass permissions and execute files, as demonstrated by file...

CVE-2004-2571

Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the 1 parseQmailFromBytesLine, 2 parseQmailToRemoteLine, 3 parseQmailToLocalLine, 4 parseSendmailFromBytesLine, 5 parseSendmailToLine, 6 parseEximFromBytesLine, and 7 parseEximToLine function...

CVE-2004-2571

Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the 1 parseQmailFromBytesLine, 2 parseQmailToRemoteLine, 3 parseQmailToLocalLine, 4 parseSendmailFromBytesLine, 5 parseSendmailToLine, 6 parseEximFromBytesLine, and 7 parseEximToLine function...

DEBIAN-CVE-2004-2571

Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the 1 parseQmailFromBytesLine, 2 parseQmailToRemoteLine, 3 parseQmailToLocalLine, 4 parseSendmailFromBytesLine, 5 parseSendmailToLine, 6 parseEximFromBytesLine, and 7 parseEximToLine function...