The vulnerability of the Linux operating system’s kernel NFS component, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s kernel NFS component is related to improper error handling. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the nfsd component in the Linux operating system allows a hacker to gain elevated privileges within the system.

The vulnerability of the nfsd component in Linux operating systems is related to memory management errors after freeing memory. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...

The vulnerability of the nfsd component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the nfsd component in Linux operating systems is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

SUSE CVE-2024-53073

In the Linux kernel, the following vulnerability has been resolved: NFSD: Never decrement pendingasynccopies on error The error flow in nfsd4copy calls cleanupasynccopy, which already decrements nn-pendingasynccopies...

The vulnerability in the usb_device.cgi script of NETGEAR’s router microprogramming software allows a hacker to induce a service failure.

The vulnerability in the usbdevice.cgi script of NETGEAR’s R8500 and R7000P router microprogramming systems lies in a buffer overflow that occurs during the processing of the cifsuser, readaccess, and writeaccess parameters. Exploiting this vulnerability allows an attacker to trigger a...

UBUNTU-CVE-2024-53073

In the Linux kernel, the following vulnerability has been resolved: NFSD: Never decrement pendingasynccopies on error The error flow in nfsd4copy calls cleanupasynccopy, which already decrements nn-pendingasynccopies...

UBUNTU-CVE-2024-50272

In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemapread If the caller supplies an iocb-kipos value that is close to the filesystem upper limit, and an iterator with a count that causes us to overflow that limit, then filemapread enters an...

The vulnerability in the client and server implementations of the network file system (NFS) of the OpenBSD operating system allows a perpetrator to influence the confidentiality, integrity, and accessibility of data.

The vulnerability in the client and server implementations of the network file system NFS in the OpenBSD operating system is related to a memory reclamation error. Exploiting this vulnerability allows an attacker to influence the confidentiality, integrity, and accessibility of systems...

CVE-2024-10934

In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninitialized variable in error handling of NFS server...

The vulnerability of the NFS kernel component in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the NFS kernel component in Linux operating systems is related to incorrect blocking in the nfsnetfsissueread function. Exploiting this vulnerability can allow an attacker to cause a service failure...

kernel: nfs: Handle error of rpc_proc_register() in nfs_net_init().

In the Linux kernel, the following vulnerability has been resolved: nfs: Handle error of rpcprocregister in nfsnetinit. syzkaller reported a warning 0 triggered while destroying immature netns. rpcprocregister was called in initnfsfs, but its error has been ignored since at least the initial comm...

kernel: nfs: pass explicit offset/count to trace events

nfs in linux kernel permits using nfsfoliolength without locking the folio and without checking for null mapping. This can permit truncation and lead to kernel crash...

cifs: Fix buffer overflow when parsing NFS reparse points

...

DEBIAN-CVE-2024-50241

In the Linux kernel, the following vulnerability has been resolved: NFSD: Initialize struct nfsd4copy earlier Ensure the refcount and asynccopies fields are initialized early. cleanupasynccopy will reference these fields if an error occurs in nfsd4copy. If they are not correctly initialized, at t...

NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()

...

nfsd: call cache_put if xdr_reserve_space returns NULL

...

DEBIAN-CVE-2024-50106

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and freestateid There is a race between laundromat handling of revoked delegations and a client sending freestateid operation. Laundromat thread finds that delegation has expired and needs to be...

UBUNTU-CVE-2024-50106

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and freestateid There is a race between laundromat handling of revoked delegations and a client sending freestateid operation. Laundromat thread finds that delegation has expired and needs to be...

Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024125 fixes several issues. The following security issues were fixed: CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. Intermittent nfs mount failures may be due to SUNRPC over UDP bsc1231353 CVE-2024-40954: net: do not leav...

Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024103 fixes several issues. The following security issues were fixed: CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2024-35863: Fixed potential UAF in isvalidoplockbreak bsc1225011. CVE-2023-52752: smb: client: fix...