kernel: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()

A vulnerability has been identified in the Linux kernel's Network File System NFS daemon that could allow for a Denial of Service and in worst case scenario Arbitrary Code Execution. This Use-After-Free flaw arises from a race condition when the kernel handles the confirmation of an NFS client...

kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL

In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...

kernel: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()

A vulnerability has been identified in the Linux kernel's Network File System NFS daemon that could allow for a Denial of Service and in worst case scenario Arbitrary Code Execution. This Use-After-Free flaw arises from a race condition when the kernel handles the confirmation of an NFS client...

kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL

In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...

kernel: smb: client: Fix use-after-free in cifs_fill_dirent

A use-after-free flaw was found in cifsfilldirent in fs/cifs/readdir.c in smb client in the Linux Kernel. This flaw could allow an attacker to crash the system due to race problem. This vulnerability could even lead to a kernel information leak problem...

SUSE CVE-2025-68769

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix return value of f2fsrecoverfsyncdata With below scripts, it will trigger panic in f2fs: mkfs.f2fs -f /dev/vdd mount /dev/vdd /mnt/f2fs touch /mnt/f2fs/foo sync echo 111 /mnt/f2fs/foo f2fsio fsync /mnt/f2fs/foo f2fsio...

SUSE CVE-2025-71065

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock As Jiaming Zhang and syzbot reported, there is potential deadlock in f2fs as below: Chain exists of: &sbi-cprwsem -- fsreclaim -- sbinternal2 Possible unsafe locking scenario: CPU0 CPU1 ----...

SUSE CVE-2025-71069

In the Linux kernel, the following vulnerability has been resolved: f2fs: invalidate dentry cache on failed whiteout creation F2FS can mount filesystems with corrupted directory depth values that get runtime-clamped to MAXDIRHASHDEPTH. When RENAMEWHITEOUT operations are performed on such...

kernel: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()

A vulnerability has been identified in the Linux kernel's Network File System NFS daemon that could allow for a Denial of Service and in worst case scenario Arbitrary Code Execution. This Use-After-Free flaw arises from a race condition when the kernel handles the confirmation of an NFS client...

kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL

In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL

In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a node page read not ending before f2fsputsuper completes, potentially leading to a file system reference...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001313)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001313 advisory. An issue was discovered in the Linux kernel through 4.17.10. There is a use-after-free in trymergefreespace when mounting a crafted btrfs image, because of a lack of...

MiracleLinux 4 : nfs-utils-1.2.3-15.AXS4 (AXSA:2012-04:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2012-04:01 advisory. The nfs-utils package provides a daemon for the kernel NFS server and related tools, which provides a much higher level of performance than the...

MiracleLinux 3 : kernel-2.6.18-274.5.AXS3 (AXSA:2012-220:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-220:01 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

CVE-2026-20922

Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally...

CVE-2026-20840

Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally...

CVE-2026-20840

Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally...

CVE-2026-20820

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...