EUVD-2010-1664

Malware in sbrugna...

EUVD-2008-7212

Malware in sbrugna...

SUSE CVE-2000-0800

String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges...

SUSE CVE-2008-7256

mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIGSECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service NULL pointer dereference and knfsd crash or possibly have...

SUSE CVE-2010-1643

mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service NULL pointer dereference and knfsd crash or possibly have unspecified other impact via unknown...

CVE-2017-8797

The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used a...

CVE-2017-8797

CVE-2017-8797 affects the Linux kernel NFSv4 server. A remote attacker can send NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operands in UDP; an uninitialized layout type is used as an array index, causing an OOPS and potentially a system DoS via knfsd soft-lockup. Affected: Linux kernel versions prior ...

CVE-2017-8797

The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used a...

kernel security and bug fix update

kernel 2.6.18-348.4.1 - virt xen-netback: backports Andrew Jones 910884 910885 CVE-2013-0216 - virt xen-netback: netifschedulable should take a netif Andrew Jones 910884 910885 CVE-2013-0216 - virt pciback: rate limit error mess from pcibackenablemsi Igor Mammedov 910876 910877 CVE-2013-0231 - ne...

Mandrake Linux Security Advisory : sysklogd (MDKSA-2000:050-1)

A problem exists with the kernel logging daemon klogd in the sysklogd package. A 'format bug' makes klogd vulnerable to local root compromise, as well as the possibility for remote vulnerabilities under certain circumstances, which are unprobable. There is also a more probable semi-remote exploit...

Mandriva Linux Security Advisory : kernel (MDVSA-2010:198)

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel : fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount symlinks, which allows attackers to have an unknown impact, related to LOOKUPFOLLOW. CVE-2010-1088 The tcfilltclass function in...

Ubuntu Update for Linux kernel vulnerabilities USN-966-1

Ubuntu Update for Linux kernel vulnerabilities USN-966-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9661.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for Linux kernel vulnerabilities USN-966-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : linux, linux-{source-2.6.15,ec2,mvl-dove,ti-omap} vulnerabilities (USN-966-1)

Junjiro R. Okajima discovered that knfsd did not correctly handle strict overcommit. A local attacker could exploit this to crash knfsd, leading to a denial of service. Only Ubuntu 6.06 LTS and 8.04 LTS were affected. CVE-2008-7256, CVE-2010-1643 Chris Guo, Jukka Taimisto, and Olli Jarva discover...

CVE-2008-7256

mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIGSECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service NULL pointer dereference and knfsd crash or possibly have...

Null pointer dereference

mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIGSECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service NULL pointer dereference and knfsd crash or possibly have...

Null pointer dereference

mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service NULL pointer dereference and knfsd crash or possibly have unspecified other impact via unknown...

CVE-2010-1643

mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service NULL pointer dereference and knfsd crash or possibly have unspecified other impact via unknown...

CVE-2008-7256

CVE-2008-7256 affects the Linux kernel’s mm/shmem.c prior to 2.6.28-rc8 when strict overcommit is enabled and CONFIG_SECURITY is disabled. The vulnerability arises in how knfsd exports shmemfs objects, allowing a denial of service via NULL pointer dereference and knfsd crash, with possible other ...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 2606)

This kernel update fixes the following security problems : - The ftdisio driver allowed local users to cause a denial of service memory consumption by writing more data to the serial port than the hardware can handle, which causes the data to be queued. This requires this driver to be loaded, whi...

Bad ext3/nfs DoS bug

I've tried contacting the relevant maintainers directly, and it's even in the kernel bugzilla, but nothing's happened and it's been over a month now. No-one seems to be doing anyting about this. Is one meant to post this to bugtraq or what? Here's the bug:...