DEBIAN-CVE-2017-9059

The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service resource consumption by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, aka a "module reference and kernel daemon" leak...

UBUNTU-CVE-2017-9059

The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service resource consumption by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, aka a "module reference and kernel daemon" leak...

OracleVM 3.3 / 3.4 : policycoreutils (OVMSA-2016-0157)

The remote OracleVM system is missing necessary patches to address critical security updates : - Lazy unmount private, shared entryJoe Jinorabug 12560705 - sandbox: create a new session for sandboxed processes Resolves: CVE-2016-7545 - Update translations Resolves: rhbz819794 - Fix sepolgen test...

DEBIAN-CVE-2014-9717

fs/namespace.c in the Linux kernel before 4.0.2 processes MNTDETACH umount2 system calls without verifying that the MNTLOCKED flag is unset, which allows local users to bypass intended access restrictions and navigate to filesystem locations beneath a mount by calling umount2 within a user...

UBUNTU-CVE-2015-4178

The fspin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service system crash by leveraging user-namespace root access for an MNTDETACH umount2 system call, related to...

Updated kernel-tmb packages provides 4.1 longterm kernel and fixes security issues

This kernel-tmb update provides an upgrade to the upstream 4.1 longterm kernel series, currently based on 4.1.15 and resolves at least the following security issues: It was found that the Linux kernel's keyring implementation would leak memory when adding a key to a keyring via the addkey functio...

Mageia: Security Advisory (MGASA-2015-0386)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated kernel-linus package provides 4.1 longterm and fixes security issues

This kernel-linus update provides an upgrade to the upstream 4.1 longterm kernel series, currently based on 4.1.8 and resolves at least the following security issues: It was found that the Linux kernel's keyring implementation would leak memory when adding a key to a keyring via the addkey...

Updated kernel packages provides 4.1 longterm and fixes security issues

This kernel update provides an upgrade to the upstream 4.1 longterm kernel series, currently based on 4.1.8 and resolves at least the following security issues: It was found that the Linux kernel's keyring implementation would leak memory when adding a key to a keyring via the addkey function. A...

mod_jk: information leak due to incorrect JkMount/JkUnmount directives processing

It was discovered that a JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to potentially access a private artifact in a tree that would otherwise not be accessible to them...

mod_jk: information leak due to incorrect JkMount/JkUnmount directives processing

It was discovered that a JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to potentially access a private artifact in a tree that would otherwise not be accessible to them...

DEBIAN-CVE-2014-8111

Apache Tomcat Connectors modjk before 1.2.41 ignores JkUnmount rules for subtrees of previous JkMount rules, which allows remote attackers to access otherwise restricted artifacts via unspecified vectors...

mod_jk: information leak due to incorrect JkMount/JkUnmount directives processing

It was discovered that a JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to potentially access a private artifact in a tree that would otherwise not be accessible to them...

mod_jk: information leak due to incorrect JkMount/JkUnmount directives processing

It was discovered that a JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to potentially access a private artifact in a tree that would otherwise not be accessible to them...

mod_jk: information leak due to incorrect JkMount/JkUnmount directives processing

It was discovered that a JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to potentially access a private artifact in a tree that would otherwise not be accessible to them...

kernel: vfs: refcount issues during unmount on symlink

A flaw was found in the way the Linux kernel's VFS subsystem handled reference counting when performing unmount operations on symbolic links. A local, unprivileged user could use this flaw to exhaust all available memory on the system or, potentially, trigger a use-after-free error, resulting in ...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give...

kernel: vfs: refcount issues during unmount on symlink

A flaw was found in the way the Linux kernel's VFS subsystem handled reference counting when performing unmount operations on symbolic links. A local, unprivileged user could use this flaw to exhaust all available memory on the system or, potentially, trigger a use-after-free error, resulting in ...

kernel: vfs: refcount issues during unmount on symlink

A flaw was found in the way the Linux kernel's VFS subsystem handled reference counting when performing unmount operations on symbolic links. A local, unprivileged user could use this flaw to exhaust all available memory on the system or, potentially, trigger a use-after-free error, resulting in ...

Moderate: Red Hat Security Advisory: bind97 security and bug fix update

Updated bind97 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...