47 matches found
CVE-2019-20427
In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between reqcapsulegetsize and tgtbrwwrite leads to a tgtshortio2pages integer...
CVE-2019-20429
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic via a modified lmbufcount field due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between sptlrpcsvcunwraprequest and lustremsghdrsizev2...
CVE-2019-20425
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustremsgstring, there is no validation of a certain length value derived from lustremsgbuflenv2...
CVE-2019-20426
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlmcancelhpreqcheck, there is no lockcount bounds check...
CVE-2019-20428
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic due to the lack of validation for specific fields of packets sent by a client. The ldlrequestcancel function mishandles a large lockcount parameter...
EUVD-2019-10979
Malware in sbrugna...
EUVD-2019-10973
Malware in sbrugna...
EUVD-2019-10971
Malware in sbrugna...
EUVD-2019-10974
Malware in sbrugna...
EUVD-2019-10976
Malware in sbrugna...
EUVD-2019-10977
Malware in sbrugna...
CVE-2019-20423
In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic due to the lack of validation for specific fields of packets sent by a client. The function targethandleconnect mishandles a certain size value when a client connects to a server, because of an integer...
Lustre ptlrpc module buffer overflow vulnerability (CNVD-2020-07300)
Lustre is a parallel distributed file system typically used in large computer clusters and supercomputers, of which Lustre ptlrpc is a module. A security vulnerability exists in the Lustre ptlrpc module. The vulnerability stems from a networked system or product performing operations on memory...
Lustre ptlrpc module buffer overflow vulnerability (CNVD-2020-07306)
Lustre is a parallel distributed file system typically used in large computer clusters and supercomputers, of which Lustre ptlrpc is a module. A buffer overflow vulnerability exists in the Lustre ptlrpc module. The vulnerability stems from a networked system or product performing operations in...
Lustre ptlrpc module buffer overflow vulnerability (CNVD-2020-07304)
Lustre is a parallel distributed file system typically used in large computer clusters and supercomputers, of which Lustre ptlrpc is a module. A buffer overflow vulnerability exists in the Lustre ptlrpc module. The vulnerability stems from a networked system or product performing operations in...
CVE-2019-20431
In the Lustre file system before 2.12.3, the ptlrpc module has an osdmapremotetolocal out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. osdbufsget in the osdldiskfs module does not validate a certain length value...
CVE-2019-20429
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic via a modified lmbufcount field due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between sptlrpcsvcunwraprequest and lustremsghdrsizev2...
CVE-2019-20427
In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between reqcapsulegetsize and tgtbrwwrite leads to a tgtshortio2pages integer...
CVE-2019-20427
In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between reqcapsulegetsize and tgtbrwwrite leads to a tgtshortio2pages integer...
CVE-2019-20431
In the Lustre file system before 2.12.3, the ptlrpc module has an osdmapremotetolocal out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. osdbufsget in the osdldiskfs module does not validate a certain length value...