[SECURITY] Fedora 27 Update: lcms2-2.8-6.fc27

LittleCMS intends to be a small-footprint, speed optimized color management engine in open source form. LCMS2 is the current version of LCMS, and can be parallel installed with the original deprecated lcms...

CVE-2018-1782

IBM GPFS IBM Spectrum Scale 5.0.1.0 and 5.0.1.1 allows a local, unprivileged user to cause a kernel panic on a node running GPFS by accessing a file that is stored on a GPFS file system with mmap, or by executing a crafted file stored on a GPFS file system. IBM X-Force ID: 148805...

Updated lftp packages fix security vulnerability

Updated lftp packages fix security vulnerability Lftp 4.8.4 bring a security fix for "file:" file names. From version 4.7.7 which was previous MGA6 lftp version, it brings also several new parameters like the -P option for parallel transfers...

Security Bulletin: IBM Spectrum Scale is affected by a security vulnerability (CVE-2016-0263)

Summary A security vulnerability has been identified in the current levels of IBM Spectrum Scale V4.2, V4.1 and IBM General Parallel File System V3.5, that could allow a local user, under special circumstances, to escalate their privileges or cause a denial of service when the mmapplypolicy comma...

[SECURITY] Fedora 28 Update: glusterfs-4.1.1-1.fc28

GlusterFS is a distributed file-system capable of scaling to several petabytes. It aggregates various storage bricks over Infiniband RDMA or TCP/IP interconnect into one large parallel network file system. GlusterFS is one of the most sophisticated file systems in terms of features and...

libvirt security and bug fix update

3.9.0-14.el75.6 - logging: Don't inhibit shutdown in system daemon rhbz1573268 - util: don't check for parallel iteration in hash-related functions rhbz1581364 - cpu: define the 'virt-ssbd' CPUID feature bit CVE-2018-3639 - virNumaGetHugePageInfo: Return pageavail and pagefree as ULL rhbz1582418...

Security Bulletin: The GPFS pattern provided with IBM PureApplication System is affected by a security vulnerability. (CVE-2016-0263)

Summary A security vulnerability has been identified in the current levels of IBM Spectrum Scale V4.2, V4.1 and IBM General Parallel File System V3.5, that could allow a local user, under special circumstances, to escalate their privileges or cause a denial of service when the mmapplypolicy comma...

[SECURITY] Fedora 26 Update: glusterfs-3.10.12-1.fc26

GlusterFS is a distributed file-system capable of scaling to several petabytes. It aggregates various storage bricks over Infiniband RDMA or TCP/IP interconnect into one large parallel network file system. GlusterFS is one of the most sophisticated file systems in terms of features and...

The vulnerabilities of the IBM Spectrum Scale and General Parallel File System data storage management software are caused by buffer overflows, allowing attackers to execute arbitrary code with root privileges or trigger service interruptions.

The vulnerabilities of the IBM Spectrum Scale and General Parallel File System data storage management software are caused by buffer overflows. Exploiting these vulnerabilities allows a malicious actor to execute arbitrary code with root privileges or cause service interruptions...

Mail.ru: Double authentication bypass

Report describes current behavior of "Bind session to IP" and "Disable parallel session" security settings and is unrelated to authentication. While behavior doesn't match to reporter's expectation e.g. mobile and desktop sessions may exist in parallel despite of the settings current behavior is...

Parallel Space - Multiple accounts & Two face - Exported ContentProvider, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Parallel Space - Multiple accounts & Two face published at the 'play' market has multiple vulnerabilities...

PT-2017-3585 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.14.13 Description: The issue is related to errors in resource management within the Parallel Crypto Engine crypto/pcrypt.c subsystem of the Linux operating system. It can be exploited by executing a specially...

[SECURITY] Fedora 27 Update: glusterfs-3.12.2-2.fc27

GlusterFS is a distributed file-system capable of scaling to several petabytes. It aggregates various storage bricks over Infiniband RDMA or TCP/IP interconnect into one large parallel network file system. GlusterFS is one of the most sophisticated file systems in terms of features and...

App Layering: Office MCS Rearm failure because kmssetup.cmd is running multiple times

Created a new layer following https://support.citrix.com/article/CTX224566. After publishing the image and using Studio to upgrade catalog using MCS, we receive the following error: Task Information: Start Date: Friday, October 6, 2017 Start Time: 1:46 PM Finish Date: Friday, October 6, 2017 Fini...

The vulnerability of the `timerfd.c` component in the Linux kernel (fs/timerfd.c), which allows a hacker to increase their privileges and cause a service failure

The vulnerability of the timerfd.c component fs/timerfd.c in the Linux operating system is related to the parallel execution of operations on file descriptors. Exploiting this vulnerability can allow an attacker to increase their privileges and cause service interruptions...

MCollective: Remote Code Execution

Background MCollective is a framework to build server orchestration or parallel job execution systems. Description A vulnerability was discovered in MCollective which allowed for deserialized YAML from agents without calling safeload. This allows the potential for arbitrary code execution on the...

Downloading entire Vulners.com database in 5 minutes

Today I once again would like to talk about Vulners.com and why, in my opinion, it is the best vulnerability database that exist nowadays and a real game-changer. The main thing is transparency. Using Vulners you not only can search for security content see "Vulners – Google for hacker", but...

kernel: NFSv4 server does not properly validate layout type when processing NFSv4 pNFS LAYOUTGET operand

It was found that the NFSv4 server in the Linux kernel did not properly validate layout type when processing NFSv4 pNFS LAYOUTGET and GETDEVICEINFO operands. A remote attacker could use this flaw to soft-lockup the system and thus cause denial of service...

USN-3342-2 linux-hwe vulnerabilities

USN-3342-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. USN-3333-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions...

USN-3342-1: Linux kernel vulnerabilities

USN 3326-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux...