CVE-2025-40010

In the Linux kernel, the following vulnerability has been resolved: afs: Fix potential null pointer dereference in afsputserver afsputserver accessed server-debugid before the NULL check, which could lead to a null pointer dereference. Move the debugid assignment, ensuring we never dereference a...

CVE-2025-40010 afs: Fix potential null pointer dereference in afs_put_server

In the Linux kernel, the following vulnerability has been resolved: afs: Fix potential null pointer dereference in afsputserver afsputserver accessed server-debugid before the NULL check, which could lead to a null pointer dereference. Move the debugid assignment, ensuring we never dereference a...

SUSE-SU-2025:3675-1 Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024133 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...

kernel: sunrpc: fix client side handling of tls alerts

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...

PT-2026-2528

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the F2FS filesystem related to extent cache management. Specifically, the issue involves the potential addition of a zero-sized extent into the...

ALSA-2025:18281 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: don't ignore the return code of svcprocregister CVE-2025-22026 kernel: firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails CVE-2022-50087 kernel: sunrpc: fix clien...

SUSE-SU-2025:03663-1 Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059174 fixes several issues. The following security issues were fixed: - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc1248673. - CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous...

Path traversal vulnerability via `FileSystemPathPointer.join()` method allows unauthorized file access

Description A critical path traversal vulnerability exists in the FileSystemPathPointer.join method within the nltk library. The vulnerability allows attackers to bypass directory restrictions and access files outside the intended directory structure by using path traversal sequences such as ../ ...

OESA-2025-2469 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READ Since before the git era, NFSD has conserved the number of pages held by each nfsd thread by combining t...

SUSE-SU-2025:03626-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49980: USB: gadget: fix use-after-free read in usbudcuevent bsc1245110. - CVE-2022-50233: Bluetooth: eir: Fix using strlen with hdev-devname,shortname...

Rockwell Automation PanelView Plus 7 Performance Series B Authentication Bypass Vulnerability

Rockwell Automation PanelView Plus 7 Performance Series B is a versatile HMI application from Rockwell Automation. An authentication bypass vulnerability exists in Rockwell Automation PanelView Plus 7 Performance Series B, which can be exploited by an attacker to cause unauthorized access,...

CLSA-2025-1760647898 Fix of 22 CVEs

CVE-url: https://ubuntu.com/security/CVE-2022-43945 - NFSD: Protect against send buffer overflow in NFSv3 READ Focal update: v5.4.285 upstream stable release LP: 2089233 // CVE-2024-49924 // CVE-url: https://ubuntu.com/security/CVE-2024-49924 - fbdev: pxafb: Fix possible use after free in pxafbta...

Rockwell Automation FactoryTalk View Machine Edition and PanelView Plus 7

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to access to the device's file system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

EUVD-2022-55059

In the Linux kernel, the following vulnerability has been resolved: ntfs: add sanity check on allocation size ntfsreadinodemount invokes ntfsmallocnofs with zero allocation size. It triggers one BUG in the ntfsmalloc function. Fix this by adding sanity check on ni-attrlistsize...

CVE-2025-59206

Windows Resilient File System ReFS Deduplication Service Elevation of Privilege Vulnerability...

CVE-2025-59189

Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally...

CVE-2025-59210

Windows Resilient File System ReFS Deduplication Service Elevation of Privilege Vulnerability...

CVE-2025-55687

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Resilient File System ReFS allows an unauthorized attacker to elevate privileges locally...

CVE-2025-48004

Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally...

USN-7801-3: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...