Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lustre lustre vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4970
runiozone in lustre 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/iozone.log temporary file.
Lustre Lustre-tests 1.6.5
Lustre Lustre-tests 1.6.5.1
7.5
CVSSv3
CVE-2019-20423
In the Lustre file system prior to 2.12.3, the ptlrpc module has a buffer overflow and panic due to the lack of validation for specific fields of packets sent by a client. The function target_handle_connect() mishandles a certain size value when a client connects to a server, bec...
Lustre Lustre
7.5
CVSSv3
CVE-2019-20424
In the Lustre file system prior to 2.12.3, mdt_object_remote in the mdt module has a NULL pointer dereference and panic due to the lack of validation for specific fields of packets sent by a client.
Lustre Lustre
7.5
CVSSv3
CVE-2019-20426
In the Lustre file system prior to 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlm_cancel_hpreq_check, there is no lock_count bounds check.
Lustre Lustre
7.5
CVSSv3
CVE-2019-20428
In the Lustre file system prior to 2.12.3, the ptlrpc module has an out-of-bounds read and panic due to the lack of validation for specific fields of packets sent by a client. The ldl_request_cancel function mishandles a large lock_count parameter.
Lustre Lustre
7.5
CVSSv3
CVE-2019-20430
In the Lustre file system prior to 2.12.3, the mdt module has an LBUG panic (via a large MDT Body eadatasize field) due to the lack of validation for specific fields of packets sent by a client.
Lustre Lustre
7.5
CVSSv3
CVE-2019-20431
In the Lustre file system prior to 2.12.3, the ptlrpc module has an osd_map_remote_to_local out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. osd_bufs_get in the osd_ldiskfs module does not validate a certain length valu...
Lustre Lustre
7.5
CVSSv3
CVE-2019-20425
In the Lustre file system prior to 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustre_msg_string, there is no validation of a certain length value derived from lustr...
Lustre Lustre
9.8
CVSSv3
CVE-2019-20427
In the Lustre file system prior to 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between req_capsule_get_size and tgt_brw_write leads to a t...
Lustre Lustre
7.5
CVSSv3
CVE-2019-20429
In the Lustre file system prior to 2.12.3, the ptlrpc module has an out-of-bounds read and panic (via a modified lm_bufcount field) due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between sptlrpc_svc_unwrap_request and ...
Lustre Lustre
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »