Lucene search
K

56 matches found

Prion
Prion
added 2020/01/27 5:15 a.m.10 views

Out-of-bounds

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustremsgstring, there is no validation of a certain length value derived from lustremsgbuflenv2...

7.8CVSS7.5AI score0.01896EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2020/01/27 5:15 a.m.16 views

Out-of-bounds

In the Lustre file system before 2.12.3, the ptlrpc module has an osdmapremotetolocal out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. osdbufsget in the osdldiskfs module does not validate a certain length value...

7.8CVSS7.5AI score0.0192EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2020/01/27 5:15 a.m.5 views

UBUNTU-CVE-2019-20426

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlmcancelhpreqcheck, there is no lockcount bounds check...

7.5CVSS7.1AI score0.0192EPSS
Exploits1References6
OSV
OSV
added 2020/01/27 5:15 a.m.3 views

UBUNTU-CVE-2019-20425

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustremsgstring, there is no validation of a certain length value derived from lustremsgbuflenv2...

7.5CVSS7.1AI score0.01896EPSS
Exploits1References6
OSV
OSV
added 2020/01/27 5:15 a.m.3 views

UBUNTU-CVE-2019-20427

In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between reqcapsulegetsize and tgtbrwwrite leads to a tgtshortio2pages integer...

9.8CVSS7.8AI score0.049EPSS
Exploits1References6
Cvelist
Cvelist
added 2020/01/27 4:21 a.m.26 views

CVE-2019-20423

In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic due to the lack of validation for specific fields of packets sent by a client. The function targethandleconnect mishandles a certain size value when a client connects to a server, because of an integer...

7.8AI score0.02064EPSS
Exploits1References4
CVE
CVE
added 2020/01/27 4:21 a.m.101 views

CVE-2019-20423

CVE-2019-20423 affects the Lustre file system prior to 2.12.3, where the ptlrpc module can overflow the buffer and panic due to lacking validation of certain fields in client packets. The root cause is an integer signedness error in target_handle_connect() that mishandles a specific size value wh...

7.8CVSS7.8AI score0.02064EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2020/01/27 4:21 a.m.112 views

CVE-2019-20425

CVE-2019-20425 affects Lustre file system ptlrpc module prior to 2.12.3, where an out-of-bounds access and panic arise from insufficient validation of certain fields in client packets, specifically due to lack of validation of a length value derived from lustre_msg_buflen_v2 in lustre_msg_string....

7.8CVSS7.5AI score0.01896EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2020/01/27 4:21 a.m.24 views

CVE-2019-20425

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustremsgstring, there is no validation of a certain length value derived from lustremsgbuflenv2...

7.6AI score0.01896EPSS
Exploits1References4
CVE
CVE
added 2020/01/27 4:21 a.m.127 views

CVE-2019-20426

CVE-2019-20426 affects the Lustre file system before 2.12.3. The ptlrpc module suffers an out-of-bounds access and potential panic due to missing validation of specific client packet fields; specifically, in ldlm_cancel_hpreq_check there is no bounds check on the lock_count. The Red Hat advisory ...

7.8CVSS7.5AI score0.0192EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2020/01/27 4:21 a.m.25 views

CVE-2019-20426

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlmcancelhpreqcheck, there is no lockcount bounds check...

7.6AI score0.0192EPSS
Exploits1References4
Cvelist
Cvelist
added 2020/01/27 4:20 a.m.20 views

CVE-2019-20428

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic due to the lack of validation for specific fields of packets sent by a client. The ldlrequestcancel function mishandles a large lockcount parameter...

7.5AI score0.01821EPSS
Exploits0References4
CVE
CVE
added 2020/01/27 4:20 a.m.106 views

CVE-2019-20428

CVE-2019-20428 affects Lustre prior to 2.12.3. The ptlrpc module can trigger an out-of-bounds read and panic due to insufficient validation of certain client packet fields, with the ldl_request_cancel function mishandling a large lock_count. Impact is a potential crash/denial of service as descri...

7.8CVSS7.4AI score0.01821EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2020/01/27 4:20 a.m.22 views

CVE-2019-20429

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic via a modified lmbufcount field due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between sptlrpcsvcunwraprequest and lustremsghdrsizev2...

7.5AI score0.01896EPSS
Exploits1References4
Cvelist
Cvelist
added 2020/01/27 4:19 a.m.21 views

CVE-2019-20431

In the Lustre file system before 2.12.3, the ptlrpc module has an osdmapremotetolocal out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. osdbufsget in the osdldiskfs module does not validate a certain length value...

7.5AI score0.0192EPSS
Exploits1References4
CVE
CVE
added 2020/01/27 4:19 a.m.101 views

CVE-2019-20431

CVE-2019-20431 affects the Lustre file system prior to version 2.12.3, where the ptlrpc module permits an osd_map_remote_to_local out-of-bounds access and panics due to lack of validation of certain packet fields from a client. The osd_bufs_get function in the osd_ldiskfs module also lacks valida...

7.8CVSS7.5AI score0.0192EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder