SUSE CVE-2022-50861

In the Linux kernel, the following vulnerability has been resolved: NFSD: Finish converting the NFSv2 GETACL result encoder The xdrstream conversion inadvertently left some code that set the pagelen of the send buffer. The XDR stream encoders should handle this automatically now. This oversight...

Linux Distros Unpatched Vulnerability : CVE-2022-50861

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NFSD: Finish converting the NFSv2 GETACL result encoder The xdrstream conversion inadvertently left some code that set the pagelen of the send buffer. The XDR...

EUVD-2022-55837

In the Linux kernel, the following vulnerability has been resolved: NFSD: Finish converting the NFSv2 GETACL result encoder The xdrstream conversion inadvertently left some code that set the pagelen of the send buffer. The XDR stream encoders should handle this automatically now. This oversight...

UBUNTU-CVE-2022-50861

In the Linux kernel, the following vulnerability has been resolved: NFSD: Finish converting the NFSv2 GETACL result encoder The xdrstream conversion inadvertently left some code that set the pagelen of the send buffer. The XDR stream encoders should handle this automatically now. This oversight...

CVE-2022-50861

In the Linux kernel, the following vulnerability has been resolved: NFSD: Finish converting the NFSv2 GETACL result encoder The xdrstream conversion inadvertently left some code that set the pagelen of the send buffer. The XDR stream encoders should handle this automatically now. This oversight...

CVE-2022-50861

In the Linux kernel, the following vulnerability has been resolved: NFSD: Finish converting the NFSv2 GETACL result encoder The xdrstream conversion inadvertently left some code that set the pagelen of the send buffer. The XDR stream encoders should handle this automatically now. This oversight...

CVE-2022-50861 NFSD: Finish converting the NFSv2 GETACL result encoder

In the Linux kernel, the following vulnerability has been resolved: NFSD: Finish converting the NFSv2 GETACL result encoder The xdrstream conversion inadvertently left some code that set the pagelen of the send buffer. The XDR stream encoders should handle this automatically now. This oversight...

CVE-2022-50861

CVE-2022-50861 refers to a Linux kernel vulnerability in NFSD’s handling of the NFSv2 GETACL result encoder. The root cause was that after an xdr_stream conversion, some code incorrectly set the page_len of the send buffer, causing garbage to be sent past the end of the Reply message. This could ...

kernel: nfsd: clear acl_access/acl_default after releasing them

In the Linux kernel, the following vulnerability has been resolved: nfsd: clear aclaccess/acldefault after releasing them If getting acldefault fails, aclaccess and acldefault will be released simultaneously. However, aclaccess will still retain a pointer pointing to the released posixacl, which...

EUVD-2019-0443

Malware in sbrugna...

EUVD-2011-4079

Malware in sbrugna...

DEBIAN-CVE-2025-21796

In the Linux kernel, the following vulnerability has been resolved: nfsd: clear aclaccess/acldefault after releasing them If getting acldefault fails, aclaccess and acldefault will be released simultaneously. However, aclaccess will still retain a pointer pointing to the released posixacl, which...

AZL-58907 CVE-2025-21796 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: nfsd: clear aclaccess/acldefault after releasing them If getting acldefault fails, aclaccess and acldefault will be released simultaneously. However, aclaccess will still retain a pointer pointing to the released posixacl, which...

kernel: NFSD: Finish converting the NFSv2 GETACL result encoder

A flaw was identified in the Linux kernel’s NFSD NFSv2 GETACL result encoder. During conversion to xdrstream, leftover code erroneously set the pagelen field of the send buffer. The XDR stream encoders are expected to manage buffer length automatically, and the incorrect manual setting can result...

K94504224: Apache ZooKeeper vulnerability CVE-2019-0201

Security Advisory Description An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeepers getACL command doesnt check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string...

SUSE CVE-2011-4131

The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service OOPS by sending an excessive number of bitmap words...

GSD-2023-1000830 NFSD: Finish converting the NFSv2 GETACL result encoder

NFSD: Finish converting the NFSv2 GETACL result encoder This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

Security Bulletin: Apache ZooKeeper as used by IBM QRadar SIEM is vulnerable to information disclosure (CVE-2019-0201)

Summary Apache ZooKeeper as used by IBM QRadar SIEM is vulnerable to information disclosure. Vulnerability Details CVEID: CVE-2019-0201 DESCRIPTION: Apache ZooKeeper could allow a remote attacker to obtain sensitive information, caused by the failure to check permissions by the getACL command. By...

Access control bypass in Apache ZooKeeper

An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper?s getACL command doesn?t check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string. DigestAuthenticationProvider...

Information Disclosure

Apache ZooKeeper is affected by unauthorized information disclosure. getACL command does not check permissions when retrieving the ACLs of the requested node. Consequently, plaintext information contained in the ACL Id field is returned. This allows an attacker to retrieve users' Id and...