16 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fixed a slow server-side memory leak caused by RPC-over-TCP. Jan Schunk reported that his small NFS servers experience memory exhaustion after just a few days. A bisect analysis revealed that commit e18e157bb5c8 “SUNRPC:...
EUVD-1999-0084
Malware in sbrugna...
CVE-2022-48827 NFSD: Fix the behavior of READ near OFFSET_MAX
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...
CVE-2022-48827 NFSD: Fix the behavior of READ near OFFSET_MAX
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...
CVE-2024-35882
CVE-2024-35882 affects the Linux kernel SUNRPC over TCP. A bad commit (e18e157bb5c8) caused a memory leak: sock_sendmsg() doesn’t release all pages in bio_vec, leaving the record-marker fragment unreleased and enabling server-side memory exhaustion in some NFS setups. A narrow fix was implemented...
Netdata - Real-Time Performance Monitoring
netdata is a highly optimized Linux daemon providing real-time performance monitoring for Linux systems, Applications, SNMP devices, over the web ! It tries to visualize the truth of now , in its greatest detail , so that you can get insights of what is happening now and what just happened, on yo...
CVE-2015-8746
fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service NULL pointer dereference and panic via crafted network traffic...
CVE-2012-2375
The nfs4getacluncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service OOPS by sending an excessive number of bitmap words in an...
CVE-2011-4131
The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service OOPS by sending an excessive number of bitmap words...
Null pointer dereference
The nfs4proclock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service NULL pointer dereference and panic by sending a certain response containing incorrect file attributes, which trigger attempted use of an...
CVE-2009-3726
The nfs4proclock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service NULL pointer dereference and panic by sending a certain response containing incorrect file attributes, which trigger attempted use of an...
Mandriva Update for e2fsprogs MDKA-2007:068 (e2fsprogs)
Check for the Version of e2fsprogs OpenVAS Vulnerability Test Mandriva Update for e2fsprogs MDKA-2007:068 e2fsprogs Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Bad ext3/nfs DoS bug
I've tried contacting the relevant maintainers directly, and it's even in the kernel bugzilla, but nothing's happened and it's been over a month now. No-one seems to be doing anyting about this. Is one meant to post this to bugtraq or what? Here's the bug:...
SUSE-SA:2003:031: nfs-utils
The remote host is missing the patch for the advisory SUSE-SA:2003:031 nfs-utils. The nfs-utils package contains various programs to offer and manage certain RPC services such as the rpc.mountd. iSEC Security Research has reported an off-by-one bug in the xlog function used by the rpc.mountd. It ...
CVE-1999-0084
Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0...
CVE-1999-0084
CVE-1999-0084 affects certain NFS servers . The vulnerability permits a local user to perform a privileged action by running mknod to create a writable kmem device and set the UID to 0, effectively enabling a privilege escalation to root as described in the provided sources. Multiple connected do...