BDU:2021-03188

Уязвимость компонента fs/nfsd/vfs.c ядра операционной системы Linux, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Severity: HIGH (7.1) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

References:

CVE-2020-24394

Published: 2020-08-19
Modified: 2024-11-21

CVE-2020-24394

In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered.

Severity: HIGH (7.1) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

References:

Package dvdauthor updated to version 0.7.2-alt4 for branch sisyphus in task 254773.

Executable stack in mpeg2desc

Package krb5 updated to version 1.18.2-alt2 for branch sisyphus in task 254565.

Published: 2019-09-26

BDU:2020-01056

Уязвимость реализации протокола Kerberos операционных систем Red Hat Enterprise Linux, Fedora, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

CVE-2019-14844

Published: 2019-09-26
Modified: 2024-11-21

CVE-2019-14844

A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Package installer-distro-alt-server-v updated to version 9.0.1-alt1 for branch sisyphus in task 254590.

Обновить профиль разметки дисков для PVE

Version: 2.1.0

Branch sisyphus update on 2020-07-11

ALT-BU-2020-3918-1

ALT-PU-2020-2342-1

Closed vulnerabilities

BDU:2021-03188

CVE-2020-24394

ALT-PU-2020-2343-1

Closed bugs

Bug #38694

ALT-PU-2020-2345-1

Closed vulnerabilities

BDU:2020-01056

CVE-2019-14844

ALT-PU-2020-2347-1

Closed bugs

Bug #38193