CVE-2026-6386

In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface. In particular, it...

FreeBSD Security Advisory - FreeBSD-SA-26:11.amd64

FreeBSD Security Advisory - In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3...

FreeBSD -- Missing large page handling in pmap_pkru_update_range()

Problem Description: In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface...

MiracleLinux 9 : krb5-1.21.1-3.el9 (AXSA:2024-9086:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9086:08 advisory. krb5: Memory leak at /krb5/src/lib/rpc/pmaprmt.c CVE-2024-26458 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c CVE-2024-26461 krb5: Memor...

CLSA-2024-1733141074 krb5: Fix of 2 CVEs

CVE-2024-26458: Fix memory leak vulnerability in src/lib/rpc/pmaprmt.c - CVE-2024-26461: Fix memory leak vulnerability in src/lib/gssapi/krb5/k5sealv3.c...

Oracle Linux 8 : krb5 (ELSA-2024-3268)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3268 advisory. 1.18.2-27.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.18.2-27 - Fix memory leak in GSSAPI interface Resolves: RHEL-27250 - Fix...

krb5 security update

1.18.2-27.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.18.2-27 - Fix memory leak in GSSAPI interface Resolves: RHEL-27250 - Fix memory leak in PMAP RPC interface Resolves: RHEL-27244 - Make TCP waiting time configurable Resolves: RHEL-17131...

krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

A memory leak flaw was found in krb5 in /krb5/src/lib/rpc/pmaprmt.c. This issue can lead to a denial of service through memory exhaustion...

SUSE CVE-2024-26458

Kerberos 5 aka krb5 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmaprmt.c...

AZL-35455 CVE-2024-26458 affecting package krb5 for versions less than 1.19.4-3

Kerberos 5 aka krb5 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmaprmt.c...

Missing Release of Memory after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime due to a memory leak flaw in the pmaprmt.c file. An attacker can lead to a denial of service through memory exhaustion by exploiting this flaw. Remediation There is no fixed version for...

[SECURITY] Fedora 38 Update: procps-ng-3.3.17-11.fc38

The procps package contains a set of system utilities that provide system information. Procps includes ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, pidof, pmap, slabtop, w, watch, pwdx and pidwait. The ps command displays a snapshot of running processes. The top command...

SUSE CVE-2015-7236

Use-after-free vulnerability in xprtsetcaller in rpcbsvccom.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service daemon crash via crafted packets, involving a PMAPCALLIT code...

openSUSE Security Update : procps (openSUSE-2019-2376)

This update for procps fixes the following issues : procps was updated to 3.3.15. bsc1092100 Following security issues were fixed : - CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved...

rpcbind: Use-after-free vulnerability in PMAP_CALLIT

A use-after-free flaw related to the PMAPCALLIT operation and TCP/UDP connections was discovered in rpcbind. A remote, unauthenticated attacker could possibly exploit this flaw to crash the rpcbind service denial of service by performing a series of UDP and TCP calls...

DEBIAN-CVE-2015-7236

Use-after-free vulnerability in xprtsetcaller in rpcbsvccom.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service daemon crash via crafted packets, involving a PMAPCALLIT code...

UBUNTU-CVE-2015-7236

Use-after-free vulnerability in xprtsetcaller in rpcbsvccom.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service daemon crash via crafted packets, involving a PMAPCALLIT code...

FreeBSD 8.1 / 7.3 vm.pmap Kernel Race Condition

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 FreeBSD 8.1/7.3 vm.pmap kernel local race condition Author: Maksymilian Arciemowicz http://SecurityReason.com http://lu.cxib.net Date: - - Dis.: 09.07.2010 - - Pub.: 07.09.2010 Affected Software verified: - - FreeBSD 7.3/8.1 Original URL:...