what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2021-38199

Status Candidate

Overview

fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.

Related Files

Ubuntu Security Notice USN-5136-1
Posted Nov 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5136-1 - It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service or possibly execute arbitrary code. It was discovered that the FUSE user space file system implementation in the Linux kernel did not properly handle bad inodes in some situations. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-19449, CVE-2020-36322, CVE-2020-36385, CVE-2021-3655, CVE-2021-3743, CVE-2021-3753, CVE-2021-3759, CVE-2021-38199, CVE-2021-42252
SHA-256 | 28724fdbb83e4490e3fc8c3f933128c22cd04d060dad7537f8dd275bde2370b7
Ubuntu Security Notice USN-5120-1
Posted Oct 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5120-1 - It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2019-19449, CVE-2020-26541, CVE-2020-36311, CVE-2021-22543, CVE-2021-3612, CVE-2021-3759, CVE-2021-38199, CVE-2021-38207, CVE-2021-40490
SHA-256 | 0a4088e105c209023f79e6f139417f5c549e7100d2f58e29b718a130f141a387
Ubuntu Security Notice USN-5092-3
Posted Oct 19, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5092-3 - USN-5092-2 fixed vulnerabilities in Linux 5.11-based kernels. Unfortunately, for Linux kernels intended for use within Microsoft Azure environments, that update introduced a regression that could cause the kernel to fail to boot in large Azure instance types. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-34556, CVE-2021-35477, CVE-2021-3679, CVE-2021-37159, CVE-2021-37576, CVE-2021-38160, CVE-2021-38199, CVE-2021-38201, CVE-2021-38204, CVE-2021-38205, CVE-2021-41073
SHA-256 | 2f8462834b9c412b2c94caea0415569d6a8d0a25ce4c553b1643bb9766389a30
Ubuntu Security Notice USN-5091-3
Posted Oct 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5091-3 - USN-5091-1 fixed vulnerabilities in Linux 5.4-based kernels. Unfortunately, for Linux kernels intended for use within Microsoft Azure environments, that update introduced a regression that could cause the kernel to fail to boot in large Azure instance types. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-3679, CVE-2021-37576, CVE-2021-38160, CVE-2021-38199, CVE-2021-38204
SHA-256 | 24c408984ea4c4c10e651302744cddabd5b13c5cce9576cf919599003f060a83
Ubuntu Security Notice USN-5106-1
Posted Oct 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5106-1 - Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. Various other issues were also addressed.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-26541, CVE-2021-22543, CVE-2021-3612, CVE-2021-38160, CVE-2021-38199, CVE-2021-41073
SHA-256 | e6f1f8e07840dd321cac128c3e684c8a455cc504df4df29a372d0a536fd65241
Ubuntu Security Notice USN-5091-2
Posted Oct 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5091-2 - Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-3679, CVE-2021-38160, CVE-2021-38199, CVE-2021-38204
SHA-256 | 8a8a2e75ddbcda95809cae2b0daa43ffa458f1fb2f6eba2572ac767c9100c9b1
Ubuntu Security Notice USN-5096-1
Posted Sep 30, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5096-1 - Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-34556, CVE-2021-35477, CVE-2021-3612, CVE-2021-3679, CVE-2021-37159, CVE-2021-3732, CVE-2021-38160, CVE-2021-38166, CVE-2021-38199, CVE-2021-38201, CVE-2021-38202, CVE-2021-38203, CVE-2021-38204, CVE-2021-38205, CVE-2021-40490, CVE-2021-41073
SHA-256 | 98f615f379d8346abea7dc65ffd543f999a46dbda2ec8a72bcaac4dbaea40126
Ubuntu Security Notice USN-5092-2
Posted Sep 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5092-2 - Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-34556, CVE-2021-35477, CVE-2021-3679, CVE-2021-37159, CVE-2021-37576, CVE-2021-38160, CVE-2021-38199, CVE-2021-38201, CVE-2021-38204, CVE-2021-38205, CVE-2021-41073
SHA-256 | fe6e6f7b890fe9c454e6d8b6981a93e9900e3e12cc8de38080233a23b6f9f395
Debian Security Advisory 4978-1
Posted Sep 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4978-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2020-16119, CVE-2020-3702, CVE-2021-3653, CVE-2021-3656, CVE-2021-3679, CVE-2021-3732, CVE-2021-3739, CVE-2021-3743, CVE-2021-3753, CVE-2021-37576, CVE-2021-38160, CVE-2021-38166, CVE-2021-38199, CVE-2021-40490
SHA-256 | 58e6e00aeccd2d98b5f0fbd9438d9ad7fea0354cd2d4fc6a894c0d2ecc5f5d7f
Ubuntu Security Notice USN-5092-1
Posted Sep 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5092-1 - Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-34556, CVE-2021-35477, CVE-2021-3679, CVE-2021-37159, CVE-2021-37576, CVE-2021-38160, CVE-2021-38199, CVE-2021-38201, CVE-2021-38204, CVE-2021-38205, CVE-2021-41073
SHA-256 | ebcf129926760acf6a8d3e98fe23c9b1ac0c8a4d82db537ed58774cee102bccf
Ubuntu Security Notice USN-5091-1
Posted Sep 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5091-1 - Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2021-33624, CVE-2021-3679, CVE-2021-37576, CVE-2021-38160, CVE-2021-38199, CVE-2021-38204
SHA-256 | e091ef36b1fd7e00cec219aaafc4dbf41a9c32a20d118dea6371229fe281294a
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close