Illumos

illumos

8 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-31284 1Illumos 1Illumos Gate Jan 29, 2025 May 4, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 illumos illumos-gate before 676abcb has a stack buffer overflow in /dev/net, leading to privilege escalation via a stat on a long file name in /dev/net.
CVE-2019-9579 2Illumos Oracle 2Illumos Solaris Apr 14, 2025 Dec 26, 2022 N/A· v4 8.1 HIGH· v3 N/A· v2 An issue was discovered in Illumos in Nexenta NexentaStor 4.0.5 and 5.1.2, and other products. The SMB server allows an attacker to have unintended access, e.g., an attacker with WRITE_XATTR can change permissions. This...Show more An issue was discovered in Illumos in Nexenta NexentaStor 4.0.5 and 5.1.2, and other products. The SMB server allows an attacker to have unintended access, e.g., an attacker with WRITE_XATTR can change permissions. This occurs because of a combination of three factors: ZFS extended attributes are used to implement NT named streams, the SMB protocol requires implementations to have open handle semantics similar to those of NTFS, and the SMB server passes along certain attribute requests to the underlying object (i.e., they are not considered to be requests that pertain to the named stream).Show less
CVE-2021-43395 5Illumos JoyentOmniosce+2 more 5Illumos OmniosOpenindiana+2 more Apr 14, 2025 Dec 26, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and...Show more An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected.Show less
CVE-2020-27678 3Illumos JoyentOmniosce 3Illumos OmniosSmartos Nov 21, 2024 Oct 26, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c.
CVE-2016-6561 1Illumos 1Illumos May 13, 2026 Mar 31, 2017 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 illumos smbsrv NULL pointer dereference allows system crash.
CVE-2016-6560 1Illumos 1Illumos May 13, 2026 Mar 31, 2017 N/A· v4 8.6 HIGH· v3 7.8 HIGH· v2 illumos osnet-incorporation bcopy() and bzero() implementations make signed instead of unsigned comparisons allowing a system crash.
CVE-2014-9491 1Illumos 1Illumos May 6, 2026 Jan 20, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The devzvol_readdir function in illumos does not check the return value of a strchr call, which allows remote attackers to cause a denial of service (NULL pointer dereference and panic) via unspecified vectors.
CVE-2012-0217 8Citrix FreebsdIllumos+5 more 11Freebsd IllumosNetbsd+8 more Apr 29, 2026 Jun 12, 2012 N/A· v4 N/A· v3 7.2 HIGH· v2 The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614...Show more The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.Show less