kernel: ext4: fix use-after-free in ext4_orphan_cleanup

A use-after-free vulnerability was found in the ext4 filesystem's orphan inode cleanup routine in the Linux kernel. When ext4inodeattachjinode fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput, but the orphan list still...

EUVD-2015-8674

Malware in sbrugna...

Propagation Error: "Server is not reachable. Configuration settings might be out of date"

When selecting propagate changes in the primary Storefront server, the propagation completes successfully however the following warning and error ispresent in the server details: Warning - "Propagated changes today at . Some servers were not synchronized." Error - "Server is not reachable...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Flex System Manager (FSM) Storage Manager Install Anywhere (SMIA) configuration tool

Summary OpenSSL vulnerabilities were disclosed on January 26, 2017 by the OpenSSL Project. OpenSSL was used by IBM FSM SMIA configuration tool commonly known as Network Advisor. This bulletin addresses the applicable CVEs. Vulnerability Details CVEID: CVE-2017-3730 DESCRIPTION: OpenSSL is...

Tenable SecurityCenter OpenSSL 1.0.2 < 1.0.2k Multiple Vulnerabilities (TNS-2017-04)

The Tenable SecurityCenter application installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities in the bundled version of OpenSSL : - A carry propagation error exists in the Broadwell-specific Montgomery multiplication procedure when handlin...

EUVD-2015-8672

The ecc256modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...