CVE-2025-68764

In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag...

CVE-2025-68764 NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags

In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag...

CVE-2025-68761

CVE-2025-68761 — Linux kernel (HFS subsystem) Affected component: kernel hfs code path in the Linux kernel. The vulnerability is a use-after-free in hfs_correct_next_unused_CNID() caused by dereferencing a node after dropping its reference count via hfs_bnode_put(node). Root cause: The code drops...

CVE-2025-68761 hfs: fix potential use after free in hfs_correct_next_unused_CNID()

In the Linux kernel, the following vulnerability has been resolved: hfs: fix potential use after free in hfscorrectnextunusedCNID This code calls hfsbnodeputnode which drops the refcount and then dreferences "node" on the next line. It's only safe to use "node" when we're holding a reference so...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the hfs file system where the hfscorrectnextunusedCNID function still references a node after a call to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the NFS automount file system not inheriting the ro, noexec, nodev, and sync flags, which could lead to...

CVE-2025-48769 Apache NuttX RTOS: fs/vfs/fs_rename: use after free

Use After Free vulnerability was discovered in fs/vfs/fsrename code of the Apache NuttX RTOS, that due recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocation and write to the previously freed heap chunk, that in...

PT-2026-27662

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the nfsd nl threads set doit function. Specifically, a reference to a cred structure is leaked when nfsd nl threads set doit calls nfsd svc...

PT-2026-4489

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel’s Network File System daemon nfsd is susceptible to a server crash when attempting to unlock the filesystem through an administrative interface while nfsd is not running...

PT-2026-26100

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.2 through 6.10 Description A flaw exists in the Linux kernel related to the xfs file system. Specifically, the xchk scrub create subord function did not correctly handle error conditions, potentially returning an invali...

PT-2026-6123

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a deadlock issue involving NFSv4.1 state recovery. The deadlock occurs when kthreadd attempts to reclaim memory by calling the nfs release folio function, which...

PT-2026-4480

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the NFS daemon nfsd related to handling grace periods during server shutdown. Specifically, writing to the v4 end grace structure can occur concurrently with...

PT-2026-26125

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the f2fs file system related to the handling of node footers during read and write operations. Specifically, the issue arises when a corrupted nod...

PT-2026-6120

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the pNFS parallel Network File System implementation. Specifically, a deadlock can occur when returning a delegation during an open operation...

EUVD-2025-206033

A local privilege escalation vulnerability exists in SevenCs ORCA G2 2.0.1.35 EC2007 Kernel v5.22. The flaw is a Time-of-Check Time-of-Use TOCTOU race condition in the license management logic. The regService process, which runs with SYSTEM privileges, creates a fixed directory and writes files...

CVE-2023-54192

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null pointer panic in tracepoint in replaceatomicwriteblock We got a kernel panic if oldaddr is NULL. https://bugzilla.kernel.org/showbug.cgi?id=217266 BUG: kernel NULL pointer dereference, address: 0000000000000000 Cal...

CVE-2022-50861

In the Linux kernel, the following vulnerability has been resolved: NFSD: Finish converting the NFSv2 GETACL result encoder The xdrstream conversion inadvertently left some code that set the pagelen of the send buffer. The XDR stream encoders should handle this automatically now. This oversight...

CVE-2022-50859

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATENEGOTIATEINFO message Commit d5c7076b772a "smb3: add smb3.1.1 to default dialect list" extend the dialects from 3 to 4, but forget to decrease the extended length when specific the dialect,...

SUSE CVE-2022-50853

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a credential leak in nfs4discovertrunking...

EUVD-2025-205862

Ksenia Security Lares 4.0 Home Automation version 1.6 contains an unprotected endpoint vulnerability that allows authenticated attackers to upload MPFS File System binary images. Attackers can exploit this vulnerability to overwrite flash program memory and potentially execute arbitrary code on t...