28 matches found
EUVD-2018-2967
Malware in sbrugna...
EUVD-2014-3170
Malware in sbrugna...
SUSE CVE-2011-4110
The userupdate function in security/keys/userdefined.c in the Linux kernel 2.6 allows local users to cause a denial of service NULL pointer dereference and kernel oops via vectors related to a user-defined key and "updating a negative key into a fully instantiated key."...
SUSE CVE-2014-3152
Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a...
SUSE CVE-2017-15951
The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system...
SUSE CVE-2018-10911
A flaw was found in the way dicunserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value...
USN-4770-1 glusterfs vulnerabilities
It was discovered that GlusterFS incorrectly handled network requests. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM. CVE-2014-3619 It was discovered that GlusterFS incorrectly handled user permissions. An authenticated attacker...
kernel: NULL pointer dereference due to KEYCTL_READ on negative key
A vulnerability was found in the Key Management sub component of the Linux kernel, where when trying to issue a KEYTCLREAD on a negative key would lead to a NULL pointer dereference. A local attacker could use this flaw to crash the kernel...
Information Disclosure
libgluster.so is vulnerable to information disclosure. The library does not properly handle negative key length values during deserialization, causing the pointer to read information from other parts of the memory that can reveal sensitive information...
glusterfs: Improper deserialization in dict.c:dict_unserialize() can allow attackers to read arbitrary memory
A flaw was found in dict.c:dictunserialize function of glusterfs, dicunserialize function does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value...
glusterfs: Improper deserialization in dict.c:dict_unserialize() can allow attackers to read arbitrary memory
A flaw was found in dict.c:dictunserialize function of glusterfs, dicunserialize function does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value...
glusterfs: Improper deserialization in dict.c:dict_unserialize() can allow attackers to read arbitrary memory
A flaw was found in dict.c:dictunserialize function of glusterfs, dicunserialize function does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value...
Red Hat glusterfs server deserialization vulnerability
Red Hat glusterfs server is an open source distributed file system from Red Hat Red Hat. The system is mainly for media streaming , data analysis and other data and bandwidth intensive tasks to create large-scale distributed storage solutions. A deserialization vulnerability exists in the...
DEBIAN-CVE-2018-10911
A flaw was found in the way dicunserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value...
UBUNTU-CVE-2018-10911
A flaw was found in the way dicunserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value...
glusterfs: Improper deserialization in dict.c:dict_unserialize() can allow attackers to read arbitrary memory
A flaw was found in dict.c:dictunserialize function of glusterfs, dicunserialize function does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value...
kernel: NULL pointer dereference due to KEYCTL_READ on negative key
A vulnerability was found in the Key Management sub component of the Linux kernel, where when trying to issue a KEYTCLREAD on a negative key would lead to a NULL pointer dereference. A local attacker could use this flaw to crash the kernel...
kernel: NULL pointer dereference due to KEYCTL_READ on negative key
A vulnerability was found in the Key Management sub component of the Linux kernel, where when trying to issue a KEYTCLREAD on a negative key would lead to a NULL pointer dereference. A local attacker could use this flaw to crash the kernel...
kernel: NULL pointer dereference due to KEYCTL_READ on negative key
A vulnerability was found in the Key Management sub component of the Linux kernel, where when trying to issue a KEYTCLREAD on a negative key would lead to a NULL pointer dereference. A local attacker could use this flaw to crash the kernel...
Linux kernel denial of service vulnerability (CNVD-2017-30419)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in the Key Management subcomponent of the Linux kernel, which can cause a nu...