Lucene search
+L

47 matches found

osv
osv
added 2020/01/27 5:15 a.m.5 views

CVE-2019-20429

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic via a modified lmbufcount field due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between sptlrpcsvcunwraprequest and lustremsghdrsizev2...

7.5CVSS5.8AI score0.01896EPSS
Exploits1References4
nvd
nvd
added 2020/01/27 5:15 a.m.22 views

CVE-2019-20428

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic due to the lack of validation for specific fields of packets sent by a client. The ldlrequestcancel function mishandles a large lockcount parameter...

7.8CVSS7.5AI score0.01821EPSS
Exploits0References4
osv
osv
added 2020/01/27 5:15 a.m.3 views

CVE-2019-20423

In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic due to the lack of validation for specific fields of packets sent by a client. The function targethandleconnect mishandles a certain size value when a client connects to a server, because of an integer...

7.5CVSS7.4AI score0.02064EPSS
Exploits1References4
nvd
nvd
added 2020/01/27 5:15 a.m.21 views

CVE-2019-20423

In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic due to the lack of validation for specific fields of packets sent by a client. The function targethandleconnect mishandles a certain size value when a client connects to a server, because of an integer...

7.8CVSS7.8AI score0.02064EPSS
Exploits1References4
osv
osv
added 2020/01/27 5:15 a.m.3 views

CVE-2019-20425

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustremsgstring, there is no validation of a certain length value derived from lustremsgbuflenv2...

7.5CVSS7.1AI score0.01896EPSS
Exploits1References4
nvd
nvd
added 2020/01/27 5:15 a.m.22 views

CVE-2019-20425

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustremsgstring, there is no validation of a certain length value derived from lustremsgbuflenv2...

7.8CVSS7.6AI score0.01896EPSS
Exploits1References4
osv
osv
added 2020/01/27 5:15 a.m.4 views

CVE-2019-20426

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlmcancelhpreqcheck, there is no lockcount bounds check...

7.5CVSS7.1AI score0.0192EPSS
Exploits1References4
prion
prion
added 2020/01/27 5:15 a.m.11 views

Out-of-bounds

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic via a modified lmbufcount field due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between sptlrpcsvcunwraprequest and lustremsghdrsizev2...

7.8CVSS7.4AI score0.01896EPSS
Exploits1References4Affected Software1
prion
prion
added 2020/01/27 5:15 a.m.13 views

Out-of-bounds

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic due to the lack of validation for specific fields of packets sent by a client. The ldlrequestcancel function mishandles a large lockcount parameter...

7.8CVSS7.5AI score0.01821EPSS
Exploits0References4Affected Software1
prion
prion
added 2020/01/27 5:15 a.m.13 views

Integer overflow

In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between reqcapsulegetsize and tgtbrwwrite leads to a tgtshortio2pages integer...

9CVSS9.9AI score0.049EPSS
Exploits1References4Affected Software1
ubuntucve
ubuntucve
added 2020/01/27 5:15 a.m.30 views

CVE-2019-20427

In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between reqcapsulegetsize and tgtbrwwrite leads to a tgtshortio2pages integer...

9.8CVSS7.3AI score0.049EPSS
Exploits1References5
ubuntucve
ubuntucve
added 2020/01/27 5:15 a.m.32 views

CVE-2019-20423

In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic due to the lack of validation for specific fields of packets sent by a client. The function targethandleconnect mishandles a certain size value when a client connects to a server, because of an integer...

7.8CVSS7AI score0.02064EPSS
Exploits1References5
prion
prion
added 2020/01/27 5:15 a.m.16 views

Integer overflow

In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic due to the lack of validation for specific fields of packets sent by a client. The function targethandleconnect mishandles a certain size value when a client connects to a server, because of an integer...

7.8CVSS7.8AI score0.02064EPSS
Exploits1References4Affected Software1
prion
prion
added 2020/01/27 5:15 a.m.16 views

Out-of-bounds

In the Lustre file system before 2.12.3, the ptlrpc module has an osdmapremotetolocal out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. osdbufsget in the osdldiskfs module does not validate a certain length value...

7.8CVSS7.5AI score0.0192EPSS
Exploits1References4Affected Software1
osv
osv
added 2020/01/27 5:15 a.m.5 views

UBUNTU-CVE-2019-20426

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlmcancelhpreqcheck, there is no lockcount bounds check...

7.5CVSS7.1AI score0.0192EPSS
Exploits1References6
prion
prion
added 2020/01/27 5:15 a.m.11 views

Out-of-bounds

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustremsgstring, there is no validation of a certain length value derived from lustremsgbuflenv2...

7.8CVSS7.5AI score0.01896EPSS
Exploits1References4Affected Software1
ubuntucve
ubuntucve
added 2020/01/27 5:15 a.m.37 views

CVE-2019-20425

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustremsgstring, there is no validation of a certain length value derived from lustremsgbuflenv2...

7.8CVSS7AI score0.01896EPSS
Exploits1References5
ubuntucve
ubuntucve
added 2020/01/27 5:15 a.m.46 views

CVE-2019-20429

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic via a modified lmbufcount field due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between sptlrpcsvcunwraprequest and lustremsghdrsizev2...

7.8CVSS7AI score0.01896EPSS
Exploits1References6
cve
cve
added 2020/01/27 4:21 a.m.101 views

CVE-2019-20423

CVE-2019-20423 affects the Lustre file system prior to 2.12.3, where the ptlrpc module can overflow the buffer and panic due to lacking validation of certain fields in client packets. The root cause is an integer signedness error in target_handle_connect() that mishandles a specific size value wh...

7.8CVSS7.8AI score0.02064EPSS
Exploits1References4Affected Software1
cve
cve
added 2020/01/27 4:21 a.m.112 views

CVE-2019-20425

CVE-2019-20425 affects Lustre file system ptlrpc module prior to 2.12.3, where an out-of-bounds access and panic arise from insufficient validation of certain fields in client packets, specifically due to lack of validation of a length value derived from lustre_msg_buflen_v2 in lustre_msg_string....

7.8CVSS7.5AI score0.01896EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder