Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6821-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6821-2 advisory. It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free...

Ubuntu 23.10 : Linux kernel (ARM laptop) vulnerabilities (USN-6818-2)

The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6818-2 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference...

USN-6820-1: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6816-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6816-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6817-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...

UBUNTU-CVE-2024-36958

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix nfsd4encodefattr4 crasher Ensure that args.acl is initialized early. It is used in an unconditional call to kfree on the way out of nfsd4encodefattr4...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv-len is a multiple of 4, then dstlen / 4 can write past the destination array which leads to stack corruption. This construct is necessary to clean th...

PT-2024-40993 · Suse · Suse Linux Enterprise

Name of the Vulnerable Software and Affected Versions: SUSE Linux Enterprise 15 SP5 RT kernel affected versions not specified Description: The issue concerns a regression with kerberized nfs4 shares. This update fixes the regression and includes various security bugfixes. Recommendations: At the...

CVE-2021-47507

In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix nsfd startup race again Commit bd5ae9288d64 "nfsd: register pernet ops last, unregister first" has re-opened rpcpipefsevent race against nfsdnetid registration registerpernetsubsys which has been fixed by commit...

SUSE CVE-2021-47359

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix soft lockup during fsstress Below traces are observed during fsstress and system got hung. 130.698396 watchdog: BUG: soft lockup - CPU6 stuck for 26s!...

CVE-2021-47359

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix soft lockup during fsstress Below traces are observed during fsstress and system got hung. 130.698396 watchdog: BUG: soft lockup - CPU6 stuck for 26s!...

DEBIAN-CVE-2021-47259

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix use-after-free in nfs4initclient KASAN reports a use-after-free when attempting to mount two different exports through two different NICs that belong to the same server. Olga was able to hit this with kernels starting...

DEBIAN-CVE-2021-47260

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential NULL dereference in nfsgetclient None of the callers are expecting NULL returns from nfsgetclient so this code will lead to an Oops. It's better to return an error pointer. I expect that this is dead code so...

UBUNTU-CVE-2021-47260

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential NULL dereference in nfsgetclient None of the callers are expecting NULL returns from nfsgetclient so this code will lead to an Oops. It's better to return an error pointer. I expect that this is dead code so...

UBUNTU-CVE-2021-47322

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix an Oops in pnfsmarkrequestcommit when doing ODIRECT Fix an Oopsable condition in pnfsmarkrequestcommit when we're putting a set of writes on the commit list to reschedule them after a failed pNFS attempt...

UBUNTU-CVE-2021-47259

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix use-after-free in nfs4initclient KASAN reports a use-after-free when attempting to mount two different exports through two different NICs that belong to the same server. Olga was able to hit this with kernels starting...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the nfsdrename function incorrectly cleaning up paths...

The vulnerability of the Linux operating system’s Network File System kernel allows a hacker to cause a service failure.

The vulnerability of the Linux operating system’s Network File System kernel lies in the lack of protection against unauthorized data processing during the execution of the .GETDEVICEINFO and LAYOUTGET operations in UDP packets. Exploiting this vulnerability can allow an attacker to cause service...

The vulnerability of the nfs_direct_commit_schedule() function in the fs/nfs/direct.c module of the Linux kernel’s Network File System (NFS) allows a attacker to cause a service failure.

The vulnerability of the nfsdirectcommitschedule function in the fs/nfs/direct.c module of the Linux kernel’s Network File System NFS module is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

SUSE CVE-2024-27031

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix nfsnetfsissueread xarray locking for writeback interrupt The loop inside nfsnetfsissueread currently does not disable interrupts while iterating through pages in the xarray to submit for NFS read. This is not safe though...