CentOS 7 : kernel (CESA-2019:2600)

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CentOS Update for bpftool CESA-2019:2600 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Stream callback function is not unwind safe

Affected versions of this crate is not panic safe within callback functions streamcallback and streamfinishedcallback. The call to user-provided closure might panic before a mem::forget call, which then causes a use after free that grants attacker to control the callback function pointer. This...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

kernel: nfs: use-after-free in svc_process_common()

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bcsvcprocess use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and ...

kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence

A flaw was found in the Linux kernel's NFS implementation. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the...

kernel: nfs: use-after-free in svc_process_common()

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bcsvcprocess use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and ...

kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence

A flaw was found in the Linux kernel's NFS implementation. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the...

CVE-2019-16141

An issue was discovered in the oncecell crate before 1.0.1 for Rust. There is a panic during initialization of Lazy...

CVE-2019-16141

An issue was discovered in the oncecell crate before 1.0.1 for Rust. There is a panic during initialization of Lazy...

CVE-2019-16141

An issue was discovered in the oncecell crate before 1.0.1 for Rust. There is a panic during initialization of Lazy...

UBUNTU-CVE-2019-16141

An issue was discovered in the oncecell crate before 1.0.1 for Rust. There is a panic during initialization of Lazy...

Design/Logic Flaw

An issue was discovered in the oncecell crate before 1.0.1 for Rust. There is a panic during initialization of Lazy...

CVE-2019-16141

An issue was discovered in the oncecell crate before 1.0.1 for Rust. There is a panic during initialization of Lazy...

CVE-2019-16141

CVE-2019-16141 concerns the Rust crate once_cell prior to 1.0.1 . The issue is a panic during initialization of the Lazy static. Concrete details across connected sources confirm the affected component (once_cell) and the root cause (panic in Lazy initialization). No explicit exploit vectors or i...

CVE-2019-16141

An issue was discovered in the oncecell crate before 1.0.1 for Rust. There is a panic during initialization of Lazy...

Panic during initialization of Lazy<T> might trigger undefined behavior

If during the first dereference of Lazy the initialization function panics, subsequent dereferences will execute std::hints::unreachableunchecked. Applications with panic = "abort" are not affected, as there will be no subsequent dereferences...

RUSTSEC-2019-0017 Panic during initialization of Lazy<T> might trigger undefined behavior

If during the first dereference of Lazy the initialization function panics, subsequent dereferences will execute std::hints::unreachableunchecked. Applications with panic = "abort" are not affected, as there will be no subsequent dereferences...

CVE-2019-5608

In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350650, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the ICMPv6 input path incorrectly handles cases where an MLDv2 listener query packet is internally fragmented acro...

CVE-2019-5611

In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbufs could cause data returned not to be contiguou...