10 matches found
ROS-20260408-73-0031
A vulnerability in the fs/nfs component of the Linux kernel is related to incorrect privilege assignment. Exploitation of the vulnerability allows an attacker to gain access to sensitive data, compromise its integrity, and cause a denial-of-service condition...
openSUSE 15 Security Update : kernel (openSUSE-SU-2022:1037-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:1037-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...
openSUSE 15 Security Update : kernel (openSUSE-SU-2022:0768-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0768-1 advisory. The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking...
CVE-2022-24448
CVE-2022-24448 affects the Linux kernel’s NFS path: in fs/nfs/dir.c, if an application opens a regular file with O_DIRECTORY set, nfs_atomic_open() does a regular lookup and returns uninitialized data in the file descriptor when a regular file is found instead of ENOTDIR. This issue is documented...
kernel security and bug fix update
kernel 2.6.18-348.16.1 - x8664 Fix kdump failure due to 'x8664: Early segment setup' Paolo Bonzini 988251 987244 - xen skip tracing if it was disabled instead of dying Igor Mammedov 987976 967053 - ia64 fix KABI breakage on ia64 Prarit Bhargava 966878 960783 - x86 fpu: fix CONFIGPREEMPT=y...
kernel security and bug fix update
2.6.32-358.2.1 - kernel utrace: ensure archptrace/ptracerequest can never race with SIGKILL Oleg Nesterov 912073 912074 CVE-2013-0871 2.6.32-358.1.1 - netdrv mlx4: Set number of msix vectors under SRIOV mode to firmware defaults Michal Schmidt 911663 904726 - netdrv mlx4: Fix bridged vSwitch...
1
2.6.18-308.11.1.0.1.el5 - net bonding: fix carrier detect when bond is down orabug 12377284 - mm fix hugetlb page leak Dave McCracken orabug 12375075 - fix ia64 build error due to add-support-above-32-vcpus.patchZhenzhong Duan - x86 use dynamic vcpuinfo remap to support more than 32 vcpus Zhenzho...
Linux Kernel nfs_lock函数本地拒绝服务漏洞
CVECAN ID: CVE-2007-6733 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的fs/nfs/file.c文件中的nfslock函数没有正确的删除对setgid未设置group-execute权限文件的 POSIX锁定,这允许本地用户通过在NSF文件系统上锁定文件然后再更改该文件的权限导致系统崩溃。 Linux kernel 2.6.9 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://lkml.org/lkml/2005/12/21/334...
CVE-2009-1630
The nfspermission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomicopen is available, does not check execute aka EXEC or MAYEXEC permission bits, which allows local users to bypass permissions and execute files, as demonstrated by file...
nfs-utils: Access restriction bypass
Background nfs-utils contains the client and daemon implementations for the NFS protocol. Description Michele Marcionelli reported that nfs-utils invokes the hostsctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups. Impact A remote attacker could bypass...