CVE-2023-53751 cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCPServerInfo::hostname TCPServerInfo::hostname may be updated once or many times during reconnect, so protect its access outside reconnect path as well and then prevent any potential...

CVE-2023-53751

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCPServerInfo::hostname TCPServerInfo::hostname may be updated once or many times during reconnect, so protect its access outside reconnect path as well and then prevent any potential...

CVE-2022-50622

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4fcrecordmodifiedinode As krealloc may return NULL, in this case 'state-fcmodifiedinodes' may not be freed by krealloc, but 'state-fcmodifiedinodes' already set NULL. Then will lead to...

CVE-2022-50620 f2fs: fix to invalidate dcc->f2fs_issue_discard in error path

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to invalidate dcc-f2fsissuediscard in error path Syzbot reports a NULL pointer dereference issue as below: refcountadd include/linux/refcount.h:193 inline refcountinc include/linux/refcount.h:250 inline refcountinc...

CVE-2025-40312

In the Linux kernel, the following vulnerability has been resolved: jfs: Verify inode mode when loading from disk The inode mode loaded from corrupted disk can be invalid. Do like what commit 0a9e74051313 "isofs: Verify inode mode when loading from disk" does...

DEBIAN-CVE-2025-40312

In the Linux kernel, the following vulnerability has been resolved: jfs: Verify inode mode when loading from disk The inode mode loaded from corrupted disk can be invalid. Do like what commit 0a9e74051313 "isofs: Verify inode mode when loading from disk" does...

CVE-2025-40307

In the Linux kernel, the following vulnerability has been resolved: exfat: validate cluster allocation bits of the allocation bitmap syzbot created an exfat image with cluster bits not set for the allocation bitmap. exfat-fs reads and uses the allocation bitmap without checking this. The problem ...

UBUNTU-CVE-2025-40305

In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: p9fdrequest: kick rx thread if EPOLLIN p9readwork doesn't set Rworksched and doesn't do scheduleworkm-rq if listempty&m-reqlist. However, if the pipe is full, we need to read more data and this used to work prior to...

CVE-2025-40324 NFSD: Fix crash in nfsd4_read_release()

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix crash in nfsd4readrelease When tracing is enabled, the tracenfsdreaddone trace point crashes during the pynfs read.testNoFh test...

CVE-2025-40324 NFSD: Fix crash in nfsd4_read_release()

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix crash in nfsd4readrelease When tracing is enabled, the tracenfsdreaddone trace point crashes during the pynfs read.testNoFh test...

CVE-2025-40312 jfs: Verify inode mode when loading from disk

In the Linux kernel, the following vulnerability has been resolved: jfs: Verify inode mode when loading from disk The inode mode loaded from corrupted disk can be invalid. Do like what commit 0a9e74051313 "isofs: Verify inode mode when loading from disk" does...

CVE-2025-40312

In the Linux kernel, the following vulnerability has been resolved: jfs: Verify inode mode when loading from disk The inode mode loaded from corrupted disk can be invalid. Do like what commit 0a9e74051313 "isofs: Verify inode mode when loading from disk" does...

CVE-2025-40303

CVE-2025-40303 is a Linux kernel btrfs issue resolved by ensuring no dirty metadata is written back when the filesystem is in an error state. The root cause was that, after an error is detected, some metadata modifications remained in the btrie inode page cache and could be written back during ip...

Infinera MTC-9 安全漏洞

Infinera MTC-9 is a modular controller from Infinera USA. A security vulnerability exists in Infinera MTC-9 version R22.1.1.0275 through versions prior to R23.0, which stems from a misconfiguration of the SSH service that could result in the execution of arbitrary commands and access to file syst...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption CVE-2025-40019 In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksmmadvise CVE-2025-40040...

PT-2025-49453

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel’s Network File System Daemon NFSD does not properly handle requests for new time deleg FATTR4 attributes introduced in newer NFS specifications. Specifically, NFSv4...

PT-2025-49481

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the CIFS implementation related to the TCP Server Info::hostname component. Specifically, the hostname may be updated during reconnect attempts,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check the state of the read-only file system, which could lead to a null pointer dereference...

PT-2025-49452

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Network File System Daemon NFSD component of the Linux kernel. Specifically, a crash can occur within the nfsd4 read release function when tracing is enabled,...

Ubuntu: Security Advisory (USN-7911-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...