AlmaLinux 8 : kernel-rt (ALSA-2026:13578)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:13578 advisory. kernel: nvme: avoid double free special payload CVE-2024-41073 kernel: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend...

kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache

A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Do not hold the layoutget locks across multiple RPC calls When performing layoutget as part of the open compound, we must be careful to release the layout locks before calling any further RPC calls, such as setattr. The...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fixed the behavior of the READ operation near OFFSETMAX. Dan Aloni reports: Due to commit 8cfb9015280d “NFS: Always provide aligned buffers to RPC read layers” on the client, a read of 0xfff is aligned up to the server’s...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cifs: Prevent NULL dereferencing in cifscomposemountoptions. The optional @ref parameter may contain a NULL nodename. Therefore, prevent dereferencing it in cifscomposemountoptions. Address-Coverity: 1476408 „Explicit NULL...

Astra Linux – Vulnerability in Linux, Linux 5.10

A issue was discovered in fs/nfs/dir.c in the Linux kernel before version 5.16.5. If an application sets the ODIRECTORY flag and attempts to open a regular file, nfsatomicopen performs a regular lookup. If a regular file is found, ENOTDIR should be returned; however, the server instead returns...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: nfs4: Fixed a memory leak when allocating slots failed. If one of the slot allocations fails, all other allocated slots should be cleaned up. Otherwise, the allocated slots will cause a leak: - Unreferenced object...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NFS: Avoid writeback threads getting stuck in mempoolalloc In situations with low memory availability, allow the NFS writeback code to fail without getting stuck in infinite loops in mempoolalloc...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: The NFSINOLAYOUTCOMMIT field was cleared in pnfsmarklayoutstateidInvalidial. This fix prevents a crash occurring when the layout is null during this call stack: write inode - nfs4write inode - pnfslayoutcommit inode...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Actions must be defined for the new timedeleg FATTR4 attributes. NFSv4 clients will not send legitimate GETATTR requests for these new attributes, as they are intended to be used only with CBGETATTR and SETATTR. However,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nfsd: fixed the NULL dereference in nfs3svcencodegetaclres In error cases, the dentry may be NULL. Before 20798dfe249a, the encoder also checked dentry and dreallyispositivedentry, but I think that was unnecessary—a zero status...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: NFS/localio: Fixed a race condition in nfslocalopenfh Once the clp-cluuid.lock is dropped, another CPU may come in and free the structnfsdfile that was just added. To prevent this from happening, take the RCU read lock before...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Fixed the handling of large file sizes in NFSv3 SETATTR/CREATE procedures. iattr::iasize is a lofft type; therefore, these NFSv3 procedures must be careful to handle incoming client size values that are larger than s64ma...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: NFS: Fixed a use-after-free in nfs4initclient. KASAN reported a use-after-free when attempting to mount two different exports through two different NICs that belong to the same server. Olga was able to exploit this issue with...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: nfs: fixed a panic that occurred when nfs4fflayoutprepareds failed. We have observed the following panics in production: BUG: NULL pointer dereferencing in the kernel, address: 0000000000000065 PGD: 2f485f067; P4D: 2f485f067;...

Astra Linux – Vulnerability in Linux

The fs/nfs/nfs4client.c file in the Linux kernel before version 5.13.4 has an incorrect connection-setup ordering. This allows operators of remote NFSv4 servers to cause a denial of service termination of services, by arranging for those servers to become unreachable during trunking detection...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: NFS: Fixed an oopsable condition in nfspageioaddrequest. Ensured that nfspageioerrorcleanup resets the mirror array contents, so that the structure reflects the fact that it is now empty. Also changed the test in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nfsd: Check that the server is running in unlockfilesystem. If we try to unlock the filesystem via an administrative interface, and nfsd is not running, it will cause the server to crash. This occurs currently because the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nfsd: Fixed the handling of cached open files in the nfsd4open code path. The commit fb70bf124b05 “NFSD: Instantiate a struct file when creating a regular NFSv4 file” added the ability to cache an open file descriptor across...