CVE-2025-68761

In the Linux kernel, the following vulnerability has been resolved: hfs: fix potential use after free in hfscorrectnextunusedCNID This code calls hfsbnodeputnode which drops the refcount and then dreferences "node" on the next line. It's only safe to use "node" when we're holding a reference so...

CVE-2025-68764

In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag...

UBUNTU-CVE-2025-68764

In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag...

CVE-2025-68764

CVE-2025-68764 : The OSV entry confirms a Linux kernel fix for NFS automounts not inheriting user-specified mount flags (ro, noexec, nodev, sync). Root cause: during automount, the superblock options were not preserved; fix ensures these mount options propagate to the automounted filesystem. Impa...

CVE-2025-68764 NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags

In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag...

CVE-2025-68764

In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag...

CVE-2025-68764

In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag...

CVE-2025-68761 hfs: fix potential use after free in hfs_correct_next_unused_CNID()

In the Linux kernel, the following vulnerability has been resolved: hfs: fix potential use after free in hfscorrectnextunusedCNID This code calls hfsbnodeputnode which drops the refcount and then dreferences "node" on the next line. It's only safe to use "node" when we're holding a reference so...

CVE-2025-68761

CVE-2025-68761 — Linux kernel (HFS subsystem) Affected component: kernel hfs code path in the Linux kernel. The vulnerability is a use-after-free in hfs_correct_next_unused_CNID() caused by dereferencing a node after dropping its reference count via hfs_bnode_put(node). Root cause: The code drops...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the hfs file system where the hfscorrectnextunusedCNID function still references a node after a call to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the NFS automount file system not inheriting the ro, noexec, nodev, and sync flags, which could lead to...

CVE-2025-48769 Apache NuttX RTOS: fs/vfs/fs_rename: use after free

Use After Free vulnerability was discovered in fs/vfs/fsrename code of the Apache NuttX RTOS, that due recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocation and write to the previously freed heap chunk, that in...

PT-2026-27662

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the nfsd nl threads set doit function. Specifically, a reference to a cred structure is leaked when nfsd nl threads set doit calls nfsd svc...

PT-2026-6123

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a deadlock issue involving NFSv4.1 state recovery. The deadlock occurs when kthreadd attempts to reclaim memory by calling the nfs release folio function, which...

PT-2026-4489

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel’s Network File System daemon nfsd is susceptible to a server crash when attempting to unlock the filesystem through an administrative interface while nfsd is not running...

PT-2026-26100

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.2 through 6.10 Description A flaw exists in the Linux kernel related to the xfs file system. Specifically, the xchk scrub create subord function did not correctly handle error conditions, potentially returning an invali...

PT-2026-4480

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the NFS daemon nfsd related to handling grace periods during server shutdown. Specifically, writing to the v4 end grace structure can occur concurrently with...

PT-2026-26125

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the f2fs file system related to the handling of node footers during read and write operations. Specifically, the issue arises when a corrupted nod...

PT-2026-6120

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the pNFS parallel Network File System implementation. Specifically, a deadlock can occur when returning a delegation during an open operation...

EUVD-2025-206033

A local privilege escalation vulnerability exists in SevenCs ORCA G2 2.0.1.35 EC2007 Kernel v5.22. The flaw is a Time-of-Check Time-of-Use TOCTOU race condition in the license management logic. The regService process, which runs with SYSTEM privileges, creates a fixed directory and writes files...