Lucene search
K

141 matches found

Tenable Nessus
Tenable Nessus
added 2019/04/30 12:0 a.m.29 views

openSUSE Security Update : samba (openSUSE-2019-1292)

This update for samba fixes the following issues : Security issue fixed : - CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share bsc1131060. Non-security issues fixed : - Fix vfsceph ftruncate and fallocate handling...

5.5CVSS5.6AI score0.03392EPSS
Exploits0References6
0day.today
0day.today
added 2018/07/16 12:0 a.m.262 views

Linux Ubuntu - Other Users coredumps can be read via setgid Directory and killpriv Bypass Exploit

Exploit for linux platform in category dos / poc / Note: I am both sending this bug report to email protected and filing it in the Ubuntu bugtracker because I can't tell whether this counts as a kernel bug or as a Ubuntu bug. You may wish to talk to each other to determine the best place to fix...

8.3AI score0.0101EPSS
Exploits2
0day.today
0day.today
added 2018/07/14 12:0 a.m.40 views

Linux #Ubuntu Coredump Reading Access Bypass Vulnerability

Linux/Ubuntu suffers from a vulnerability where other users' coredumps can be read via a setgid directory and killpriv bypass. Linux/Ubuntu: other users' coredumps can be read via setgid directory and killpriv bypass Note: I am both sending this bug report to email protected and filing it in the...

0.4AI score
Exploits0
OSV
OSV
added 2018/04/04 5:29 p.m.1 views

DEBIAN-CVE-2017-18257

The getdatablock function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service integer overflow and loop via crafted use of the open and fallocate system calls with an FSIOCFIEMAP ioctl...

5.5CVSS5.7AI score0.00393EPSS
Exploits0References1
Prion
Prion
added 2018/04/04 5:29 p.m.23 views

Integer overflow

The getdatablock function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service integer overflow and loop via crafted use of the open and fallocate system calls with an FSIOCFIEMAP ioctl...

4.9CVSS5.8AI score0.00393EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2018/04/04 5:0 p.m.228 views

CVE-2017-18257

CVE-2017-18257 affects the Linux kernel: the __get_data_block function in fs/f2fs/data.c (before 4.11) can be triggered by crafted open and fallocate calls via an FS_IOC_FIEMAP ioctl, causing local denial of service (integer overflow and loop). Public advisories from Unity Linux, Ubuntu USN-3696-...

5.5CVSS5.6AI score0.00393EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2018/04/04 5:0 p.m.45 views

CVE-2017-18257

The getdatablock function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service integer overflow and loop via crafted use of the open and fallocate system calls with an FSIOCFIEMAP ioctl...

5.5CVSS6.2AI score0.00393EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2017/09/06 8:36 p.m.5 views

kernel: ext4 filesystem page fault race condition with fallocate call.

A flaw was found in the Linux kernel when attempting to "punch a hole" in files existing on an ext4 filesystem. When punching holes into a file races with the page fault of the same area, it is possible that freed blocks remain referenced from page cache pages mapped to process' address space...

5.1CVSS7.1AI score0.00351EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/08/01 2:22 p.m.4 views

kernel: ext4 filesystem page fault race condition with fallocate call.

A flaw was found in the Linux kernel when attempting to "punch a hole" in files existing on an ext4 filesystem. When punching holes into a file races with the page fault of the same area, it is possible that freed blocks remain referenced from page cache pages mapped to process' address space...

5.1CVSS7.1AI score0.00351EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/08/01 2:13 p.m.3 views

kernel: ext4 filesystem page fault race condition with fallocate call.

A flaw was found in the Linux kernel when attempting to "punch a hole" in files existing on an ext4 filesystem. When punching holes into a file races with the page fault of the same area, it is possible that freed blocks remain referenced from page cache pages mapped to process' address space...

5.1CVSS7.1AI score0.00351EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2017/07/13 12:0 a.m.80 views

Virtuozzo 6 : kernel / kernel-abi-whitelists / kernel-debug / etc (VZLSA-2017-0307)

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

10CVSS6.2AI score0.09144EPSS
Exploits0References4
Prion
Prion
added 2015/10/19 10:59 a.m.29 views

Design/Logic Flaw

The ext4zerorange function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service BUG via a crafted fallocate zero-range request...

4.9CVSS6.3AI score0.00457EPSS
Exploits0References11Affected Software2
OSV
OSV
added 2015/10/19 10:59 a.m.2 views

DEBIAN-CVE-2015-0275

The ext4zerorange function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service BUG via a crafted fallocate zero-range request...

4.9CVSS5.3AI score0.00457EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/10/19 10:0 a.m.31 views

CVE-2015-0275

The ext4zerorange function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service BUG via a crafted fallocate zero-range request...

5AI score0.00457EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2015/10/19 10:0 a.m.40 views

CVE-2015-0275

The ext4zerorange function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service BUG via a crafted fallocate zero-range request...

4.9CVSS5.8AI score0.00457EPSS
Exploits0
CVE
CVE
added 2015/10/19 10:0 a.m.141 views

CVE-2015-0275

CVE-2015-0275 affects the Linux kernel ext4 subsystem: the ext4_zero_range function in fs/ext4/extents.c allows local users to trigger a denial of service via a crafted fallocate zero-range request. The linked MiracleLinux/Unity Linux Nessus entries reproduce this: the vulnerability is described ...

4.9CVSS4.8AI score0.00457EPSS
Exploits0References11Affected Software1
RedHat Linux
RedHat Linux
added 2015/09/15 12:3 p.m.5 views

kernel: fs: ext4: fallocate zero range page size > block size BUG()

A flaw was found in the way the Linux kernel's ext4 file system handled the "page size block size" condition when the fallocate zero range functionality was used. A local attacker could use this flaw to crash the system...

4.9CVSS6.6AI score0.00457EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/09/15 9:38 a.m.4 views

kernel: fs: ext4: fallocate zero range page size > block size BUG()

A flaw was found in the way the Linux kernel's ext4 file system handled the "page size block size" condition when the fallocate zero range functionality was used. A local attacker could use this flaw to crash the system...

4.9CVSS6.6AI score0.00457EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/09/15 9:22 a.m.11 views

Important: Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update

Updated kernel-rt packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, whic...

7.8CVSS6.5AI score0.06267EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2015/09/15 9:22 a.m.4 views

kernel: fs: ext4: fallocate zero range page size > block size BUG()

A flaw was found in the way the Linux kernel's ext4 file system handled the "page size block size" condition when the fallocate zero range functionality was used. A local attacker could use this flaw to crash the system...

4.9CVSS6.6AI score0.00457EPSS
Exploits0References4
Rows per page
Query Builder