31 matches found
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: A use-after-free bug has been fixed in open. If someone cancels the open RPC call, then we must not attempt to free either the open slot or the layoutget operation arguments, as they are likely still in use by the hun...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005709)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005709 advisory. In the Linux kernel, the following vulnerability has been resolved: nfsd: call oprelease, even when opfunc returns an error For ops with trivial replies,...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003056)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003056 advisory. The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988943)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988943 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of t...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986312)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986312 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of t...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987059)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987059 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of t...
EUVD-2022-55341
Malicious code in bioql PyPI...
EUVD-2022-54911
Malicious code in bioql PyPI...
CVE-2023-53241
The CVE-2023-53241 entry describes a Linux kernel NFSD flaw where op_release was skipped for some replies, causing a potential memory leak in layoutget when an error occurs. The fix ensures op_release is called even if op_func returns an error and, on error, nfsd4_block_get_device_info_scsi must ...
PT-2025-37682
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue where the op release function is not consistently called, even when op func returns an error. This can lead to a memory leak in the layoutget codepat...
DEBIAN-CVE-2022-50072
In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must not try to free either the open slot or the layoutget operation arguments, since they are likely still in use by the hung RPC call...
CVE-2022-50072 NFSv4/pnfs: Fix a use-after-free bug in open
In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must not try to free either the open slot or the layoutget operation arguments, since they are likely still in use by the hung RPC call...
Linux Distros Unpatched Vulnerability : CVE-2022-49316
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open compound, we have to be careful to release the layout...
SUSE CVE-2022-49316
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr. The...
DEBIAN-CVE-2022-49316
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr. The...
CVE-2022-49316
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr. The...
UBUNTU-CVE-2022-49316
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr. The...
CVE-2022-49316 NFSv4: Don't hold the layoutget locks across multiple RPC calls
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr. The...
CVE-2022-49316
CVE-2022-49316 affects the Linux kernel’s NFSv4 layout management. The issue arises when performing layoutget as part of an open() compound: locks for the layoutget are held across multiple RPC calls, which can trigger recalls and deadlock. The connected advisories (EulerOS/Unity/Nessus OSS) conf...
CVE-2022-49316 NFSv4: Don't hold the layoutget locks across multiple RPC calls
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr. The...