Oracle Linux 9 : ELSA-2025-20518-0: / kernel (ELSA-2025-205180)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-205180 advisory. - iouring/futex: ensure iofutexwait cleans up properly on failure CKI Backport Bot RHEL-114336 CVE-2025-39698 - NFS: Fix filehandle bounds checking i...

AlmaLinux 8 : kernel (ALSA-2025:21917)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:21917 advisory. kernel: NFS: Fix a race when updating an existing write CVE-2025-39697 kernel: i40e: fix idx validation in config queues msg CVE-2025-39971 Tenable has...

CVE-2025-40210

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...

USN-7887-1: Linux kernel (Raspberry Pi Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

DEBIAN-CVE-2025-40212

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix refcount leak in nfsdsetfhdentry nfsd exports a "pseudo root filesystem" which is used by NFSv4 to find the various exported filesystems using LOOKUP requests from a known root filehandle. NFSv3 uses the MOUNT protocol ...

UBUNTU-CVE-2025-40212

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix refcount leak in nfsdsetfhdentry nfsd exports a "pseudo root filesystem" which is used by NFSv4 to find the various exported filesystems using LOOKUP requests from a known root filehandle. NFSv3 uses the MOUNT protocol ...

CVE-2025-40212

CVE-2025-40212 (Linux kernel) : A refcount leak in nfsd_set_fh_dentry() can occur when a v3/v2 client uses a filehandle from the NFSv4 “pseudo root filesystem.” The kernel may store the export in a svc_fh and drop a reference later (exp_put()), causing an extra reference to be freed on fh_put(), ...

CVE-2025-40212 nfsd: fix refcount leak in nfsd_set_fh_dentry()

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix refcount leak in nfsdsetfhdentry nfsd exports a "pseudo root filesystem" which is used by NFSv4 to find the various exported filesystems using LOOKUP requests from a known root filehandle. NFSv3 uses the MOUNT protocol ...

kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()

A flaw out of boundary read in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system...

kernel: NFS: Fix a race when updating an existing write

A flaw use after free in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system...

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

kernel: NFS: Fix a race when updating an existing write

A flaw use after free in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system...

RHEL 8 : kernel (RHSA-2025:21917)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21917 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: NFS: Fix a race when updating...

ALSA-2025:21917 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: NFS: Fix a race when updating an existing write CVE-2025-39697 kernel: i40e: fix idx validation in config queues msg CVE-2025-39971 For more details about the security issues, including t...

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: NFS: Fix a race when updating an existing write CVE-2025-39697 kernel: i40e: fix idx validation in config queues msg CVE-2025-3997...

PT-2025-52885

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the NFSv4/pNFS implementation where the NFS INO LAYOUTCOMMIT flag is not properly cleared in the pnfs mark layout stateid invalid function. This can lead to a crash when...

Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND"

...

f2fs: zone: fix to avoid inconsistence in between SIT and SSA

...

Ubuntu 16.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-7875-1)

"The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7875-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation betwe...

Linux Distros Unpatched Vulnerability : CVE-2025-40210

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert NFSD: Remove the cap on number of operations per NFSv4 COMPOUND I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which...