78 matches found
UBUNTU-CVE-2024-47737
In the Linux kernel, the following vulnerability has been resolved: nfsd: call cacheput if xdrreservespace returns NULL If not enough buffer space available, but idmaplookup has triggered lookupfn which calls cacheget and returns successfully. Then we missed to call cacheput here which pairs with...
CVE-2024-47737 nfsd: call cache_put if xdr_reserve_space returns NULL
In the Linux kernel, the following vulnerability has been resolved: nfsd: call cacheput if xdrreservespace returns NULL If not enough buffer space available, but idmaplookup has triggered lookupfn which calls cacheget and returns successfully. Then we missed to call cacheput here which pairs with...
CVE-2023-46768
Multi-thread vulnerability in the idmap module. Successful exploitation of this vulnerability may cause features to perform abnormally...
CVE-2023-46768
Multi-thread vulnerability in the idmap module. Successful exploitation of this vulnerability may cause features to perform abnormally...
CVE-2023-46768
Multi-thread vulnerability in the idmap module. Successful exploitation of this vulnerability may cause features to perform abnormally...
CVE-2023-46768
CVE-2023-46768 describes a multi-thread vulnerability in the idmap module of Huawei HarmonyOS. The NVD entry attributes a CVSS v3.1 base score of 7.5 (HIGH) with network attack vector, low attack complexity, no privileges required, no user interaction, and impact limited to availability (I=NONE, ...
CVE-2023-46768
Multi-thread vulnerability in the idmap module. Successful exploitation of this vulnerability may cause features to perform abnormally...
PT-2023-30199 · Huawei · Emui +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a multi-thread vulnerability in the idmap module. Successful exploitation of this vulnerability may cause features to perform...
Ubuntu 20.04 LTS : SSSD regression (USN-6156-2)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6156-2 advisory. USN-6156-1 fixed a vulnerability in SSSD. In certain environments, not all packages ended up being upgraded at the same time, resulting in authentication failures...
CVE-2022-20514
In acquireFabricatedOverlayIterator, nextFabricatedOverlayInfos, and releaseFabricatedOverlayIterator of Idmap2Service.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction i...
PT-2022-14727 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a possible out of bounds write due to a use after free in the acquireFabricatedOverlayIterator, nextFabricatedOverlayInfos, and releaseFabricatedOverlayIterator functions of...
ALSA-2021:4058 Moderate: samba security update
Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Negative idmap cache entries can cause incorrect...
Moderate: samba security update
Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Negative idmap cache entries can cause incorrect...
Moderate: Red Hat Security Advisory: samba security update
An update for samba is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact...
samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token
A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache...
samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token
A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache...
RHEL 7 : samba (RHSA-2021:3723)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3723 advisory. Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It...
USN-4931-1 samba vulnerabilities
Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information. CVE-2020-14318 Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use th...
FreeBSD : samba -- negative idmap cache entries vulnerability (6f33d38b-aa18-11eb-b3f1-005056a311d1)
The Samba Team reports : - CVE-2021-20254: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML...
USN-4930-1 samba vulnerability
Peter Eriksson discovered that Samba incorrectly handled certain negative idmap cache entries. This issue could result in certain users gaining unauthorized access to files, contrary to expected behaviour...