33 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: SUNRPC: Fixed null-ptr-deref when xps sysfs alloc fails There is a null-ptr-deref when xps sysfs alloc fails: BUG: KASAN: null-ptr-deref in sysfsdocreatelinksd+0x40/0xd0 Reading a 8-byte value at address 0000000000000030 by ta...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fixed the issue where the RPC client cleaned up the freed pipefs directories. The cleanup of the RPC client’s pipefs directories is handled in the rpcremovepipedir function, which processes the workqueue. This function...
p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...
CVE-2026-31863
CVE-2026-31863 affects Anytype Heart: the challenge-based authentication for the local gRPC client API can be bypassed, allowing unauthorized access without the 4-digit code via a local attack vector. Affects Anytype Heart; attack vector LOCAL, complexity HIGH, privileges REQUIRED LOW, with only ...
kernel: NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client()
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfssysfslinkrpcclient name is char64 where the size of clnt-clprogram-name remains unknown. Invoking strcat directly will also lead to potential buffer overflow. Change them to strscpy and...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005072)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005072 advisory. In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries RPC client pipefs dentries cleanup is...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990032)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990032 advisory. In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries RPC client pipefs dentries cleanup is...
Linux Distros Unpatched Vulnerability : CVE-2023-52803
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries RPC client pipefs dentries cleanup is in separated rpcremovepipedir workqueue,which takes care about...
UBUNTU-CVE-2024-54456
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfssysfslinkrpcclient name is char64 where the size of clnt-clprogram-name remains unknown. Invoking strcat directly will also lead to potential buffer overflow. Change them to strscpy and...
PT-2025-8819
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential buffer overflow issue has been identified in the Linux kernel, specifically in the nfs sysfs link rpc client function. The issue arises from the use of strcat with a char arr...
Ivanti EPM Agent Portal Command Execution
This module leverages an unauthenticated RCE in Ivanti's EPM Agent Portal where a RPC client can invoke a method which will run an attacker-specified string on the remote target as NT AUTHORITY\SYSTEM. This vulnerability is present in versions prior to EPM 2021.1 Su4 and EPM 2022 Su2. Module...
Ivanti EPM Agent Portal Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/proto/msnrtp/client' class MetasploitModule 'Ivanti EPM Agent Portal Command Execution', 'Description' = %q This module leverages an unauthenticated RCE in...
kernel: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries RPC client pipefs dentries cleanup is in separated rpcremovepipedir workqueue,which takes care about pipefs superblock locking. In some special scenarios, when kernel...
bitcoin-harness (=0.1.0), bitcoin_rpc_client (>=0.5.0 <=0.6.1) +80 more potentially affected by unknown CVE via openssl (>=0.10.22 <=0.10.57)
openssl CARGO version =0.10.22, =0.5.0, =0.2.0, =0.0.0, =0.0.1, =0.3.3, =0.6.25, =0.1.0-alpha.0, =0.1.24, =0.37.0, =0.4.0, =0.37.0, =0.37.0, =0.38.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-Q445-7M23-QRMW...
SUSE CVE-2023-52803
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries RPC client pipefs dentries cleanup is in separated rpcremovepipedir workqueue,which takes care about pipefs superblock locking. In some special scenarios, when kernel...
CVE-2023-52803
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries RPC client pipefs dentries cleanup is in separated rpcremovepipedir workqueue,which takes care about pipefs superblock locking. In some special scenarios, when kernel...
DEBIAN-CVE-2023-52803
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries RPC client pipefs dentries cleanup is in separated rpcremovepipedir workqueue,which takes care about pipefs superblock locking. In some special scenarios, when kernel...
CVE-2023-52803
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries RPC client pipefs dentries cleanup is in separated rpcremovepipedir workqueue,which takes care about pipefs superblock locking. In some special scenarios, when kernel...
CVE-2023-52803 SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries RPC client pipefs dentries cleanup is in separated rpcremovepipedir workqueue,which takes care about pipefs superblock locking. In some special scenarios, when kernel...
PT-2021-3193
Name of the Vulnerable Software and Affected Versions Apache Thrift versions 0.9.3 through 0.13.0 Description The issue is related to an uncontrolled resource consumption in the Apache Thrift library of the Avrora Center application. It can be exploited by a remote attacker to cause a denial of...