Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414426)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414426 advisory. The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state. Tenable has extracted the precedi...

CVE-2019-14258

The XML-RPC subsystem in Zenoss 2.5.3 allows XXE attacks that lead to unauthenticated information disclosure via port 9988...

kernel: SUNRPC: Fix a suspicious RCU usage warning

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a suspicious RCU usage warning I received the following warning while running cthon against an ontap server running pNFS: 57.202521 ============================= 57.202522 WARNING: suspicious RCU usage 57.202523...

DEBIAN-CVE-2022-48816

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: lock against -sock changing during sysfs read -sock can be set to NULL asynchronously unless -recvmutex is held. So it is important to hold that mutex. Otherwise a sysfs read can trigger an oops. Commit 17f09d3f619a...

SUSE CVE-2022-28893

The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel version 5.17.2 and earlier, which stems from the fact that the SUNRPC subsystem can call xsxprtfree before ensuring that a socke...

CVE-2019-14258

The XML-RPC subsystem in Zenoss 2.5.3 allows XXE attacks that lead to unauthenticated information disclosure via port 9988...

CVE-2015-2370

The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not prevent DCE/RPC connection...

Scientific Linux Security Update : kernel on SL4.x i386/x86_64

This update fixes the following security issues : - a flaw was found in the CIFSSMBWrite function in the Linux kernel Common Internet File System CIFS implementation. A remote attacker could send a specially crafted SMB response packet to a target CIFS client, resulting in a kernel panic denial o...

Design/Logic Flaw

The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service daemon crash via a crafted request to procedure 8 in program 100000 rpcbind, related to the XDRDECODE operation and the taddr2uaddr function. NOTE: this might be a duplicate of CVE-2007-0165...

CVE-2008-4619

The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service daemon crash via a crafted request to procedure 8 in program 100000 rpcbind, related to the XDRDECODE operation and the taddr2uaddr function. NOTE: this might be a duplicate of CVE-2007-0165...

CVE-2008-4619

CVE-2008-4619 affects Sun Solaris 9 RPC subsystem (rpcbind) via a crafted request to procedure 8 in program 100000, exploiting XDR_DECODE in taddr2uaddr and causing daemon crash (DoS). Connected documents tie this to libtirpc/TI-RPC implementations used by various vendors, with public advisories ...

CVE-2007-3509

Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d allows remote attackers to cause a denial of service process exit and possibly execute arbitrary code via crafted ncacniptcp requests...

Heap overflow

Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d allows remote attackers to cause a denial of service process exit and possibly execute arbitrary code via crafted ncacniptcp requests...

CVE-2007-3509

Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d are affected by a heap-based buffer overflow in the RPC subsystem that handles ncacn_ip_tcp requests. A remote attacker can cause a denial of service (process exit) and potentially execute arbitrary code by sending specially crafted pack...

CVE-2007-3509

Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d allows remote attackers to cause a denial of service process exit and possibly execute arbitrary code via crafted ncacniptcp requests...