495 matches found
CVE-2022-50861
In the Linux kernel, the following vulnerability has been resolved: NFSD: Finish converting the NFSv2 GETACL result encoder The xdrstream conversion inadvertently left some code that set the pagelen of the send buffer. The XDR stream encoders should handle this automatically now. This oversight...
SUSE CVE-2023-54276
In the Linux kernel, the following vulnerability has been resolved: nfsd: move init of percpu replycachestats counters back to nfsdinitnet Commit f5f9d4a314da "nfsd: move reply cache initialization into nfsd startup" moved the initialization of the reply cache into nfsd startup, but didn't accoun...
UBUNTU-CVE-2022-50861
In the Linux kernel, the following vulnerability has been resolved: NFSD: Finish converting the NFSv2 GETACL result encoder The xdrstream conversion inadvertently left some code that set the pagelen of the send buffer. The XDR stream encoders should handle this automatically now. This oversight...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992303)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992303 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d NFS:...
kernel: NFSD: Protect against send buffer overflow in NFSv2 READ
In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READ Since before the git era, NFSD has conserved the number of pages held by each nfsd thread by combining the RPC receive and send buffers into a single array of pages. This...
kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL
In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...
RHEL 8 : kernel (RHSA-2025:23445)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23445 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ALSA: usb-audio: ALSA USB Aud...
kernel security update
3.10.0-1160.119.1.0.14 - HID: core: fix shift-out-of-bounds in hidreportrawevent CVE-2022-48978 Orabug: 38644370 - crypto: seqiv - Handle EBUSY correctly CVE-2023-53373 Orabug: 38644370 - nfsd: don't ignore the return code of svcprocregister CVE-2025-22026 Orabug: 38644370 - netsched: hfsc: Fix a...
USN-7930-2 linux-fips vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - MTD block device drivers;...
USN-7930-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - MTD block device drivers;...
USN-7930-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - MTD block device drivers;...
UBUNTU-CVE-2025-40326
In the Linux kernel, the following vulnerability has been resolved: NFSD: Define actions for the new timedeleg FATTR4 attributes NFSv4 clients won't send legitimate GETATTR requests for these new attributes because they are intended to be used only with CBGETATTR and SETATTR. But NFSD has to do...
CVE-2025-40324
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix crash in nfsd4readrelease When tracing is enabled, the tracenfsdreaddone trace point crashes during the pynfs read.testNoFh test...
EUVD-2025-201582
In the Linux kernel, the following vulnerability has been resolved: NFSD: free copynotify stateid in nfs4freeolstateid Typically copynotify stateid is freed either when parent's stateid is being close/freed or in nfsd4laundromat if the stateid hasn't been used in a lease period. However, in case...
CVE-2025-40273 NFSD: free copynotify stateid in nfs4_free_ol_stateid()
In the Linux kernel, the following vulnerability has been resolved: NFSD: free copynotify stateid in nfs4freeolstateid Typically copynotify stateid is freed either when parent's stateid is being close/freed or in nfsd4laundromat if the stateid hasn't been used in a lease period. However, in case...
CVE-2025-40273
In the Linux kernel, the following vulnerability has been resolved: NFSD: free copynotify stateid in nfs4freeolstateid Typically copynotify stateid is freed either when parent's stateid is being close/freed or in nfsd4laundromat if the stateid hasn't been used in a lease period. However, in case...
Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-7907-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7907-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
USN-7907-1 linux, linux-aws, linux-aws-hwe, linux-kvm, linux-oracle vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - Mailbox framework; -...
RHEL 8 : kernel (RHSA-2025:22388)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22388 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: handle getclientlocked...
USN-7887-1: Linux kernel (Raspberry Pi Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...