kernel: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()

A vulnerability has been identified in the Linux kernel's Network File System NFS daemon that could allow for a Denial of Service and in worst case scenario Arbitrary Code Execution. This Use-After-Free flaw arises from a race condition when the kernel handles the confirmation of an NFS client...

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

PT-2026-2503

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the ocfs2 subsystem, specifically in the ocfs2 find victim chain function. A kernel BUG occurs when the cl next free rec field within the allocati...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm CVE-2025-38724 kernel: smb: client: fix race with concurrent opens in rename2 CVE-2025-39825 kernel: mm/memory-failure: fix...

ALSA-2025:22388 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm CVE-2025-38724 kernel: smb: client: fix race with concurrent opens in rename2 CVE-2025-39825 kernel: mm/memory-failure: fix...

OESA-2025-2765 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.CVE-2024-36357 In the Lin...

RLSA-2025:21931 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: NFS: Fix filehandle bounds checking in nfsfhtodentry CVE-2025-39730 kernel: tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect CVE-2025-39955 For more details about the security issues,...

RLSA-2025:20095 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: xen: Xen hypercall page unsafe against speculative attacks Xen Security Advisory 466 CVE-2024-53241 kernel: exfat: fix out-of-bounds access of directory entries CVE-2024-53147 kernel: zra...

kernel security update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

RLSA-2025:21917 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: NFS: Fix a race when updating an existing write CVE-2025-39697 kernel: i40e: fix idx validation in config queues msg CVE-2025-39971 For more details about the security issues, including t...

SUSE-SU-2025:21180-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-21816: hrtimers: Force migrate away hrtimers queued after bsc1238472. - CVE-2025-38653: proc: use the same treatment to check proclseek as ones for procreaditer...

SUSE SLES12: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2025:4189-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4189-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2021-4460:...

kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()

A flaw out of boundary read in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system...

CLSA-2025-1764085382 kernel-uek: Fix of 252 CVEs

drm/amd/display: Skip on writeback when it's not applicable CVE-2024-36914 - ASoC: topology: Fix references to freed memory CVE-2024-41069 - Bluetooth: RFCOMM: Fix not validating setsockopt user input CVE-2024-35966 - Bluetooth: SCO: Fix not validating setsockopt user input - drm/dpmst: Fix MST...

USN-7887-2: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

kernel: cifs: fix oops during encryption

An out-of-bounds memory access vulnerability exists in the linux kernel, such that A stack-allocated buffer backed by vmalloc was passed into crypto code scatterwalkmapandcopy → memcpy where a cross-page write occurred. This ended up hitting a read-only mapping, causing a page-level fault and...

kernel: NFS: Fix a race when updating an existing write

A flaw use after free in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system...

kernel: NFSD: Protect against send buffer overflow in NFSv2 READ

In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READ Since before the git era, NFSD has conserved the number of pages held by each nfsd thread by combining the RPC receive and send buffers into a single array of pages. This...

Linux Distros Unpatched Vulnerability : CVE-2022-50567

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs: jfs: fix shift-out-of-bounds in dbAllocAG Syzbot found a crash : UBSAN: shift-out-of-bounds in dbAllocAG. The underlying bug is the missing check of...

AlmaLinux 8 : kernel (ALSA-2025:21917)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:21917 advisory. kernel: NFS: Fix a race when updating an existing write CVE-2025-39697 kernel: i40e: fix idx validation in config queues msg CVE-2025-39971 Tenable has...