Ubuntu: Security Advisory (USN-6602-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6606-1: Linux kernel (OEM) vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-51779 It was discovered that the CIFS...

USN-6603-1: Linux kernel (AWS) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could...

USN-6603-1 linux-aws vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could...

kernel: use-after-free in smb2_is_status_io_timeout()

A use-after-free flaw was found in smb2isstatusiotimeout in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region,...

IBM AIX和IBM Vios 输入验证错误漏洞

IBM AIX and IBM Vios are both products of the International Business Machines IBM Corporation.IBM AIX is an open-standards-based UNIX operating system developed for the IBM Power architecture.IBM Vios is part of the PowerVm® Editions hardware feature. Helps to share physical I/O resources between...

The vulnerability of NFS clients on FreeBSD systems, which allows attackers to access confidential information

The vulnerability of NFS client operating systems on FreeBSD lies in the operation beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to access confidential information...

CVE-2023-6660

When a program running on an affected system appends data to a file via an NFS client mount, the bug can cause the NFS client to fail to copy in the data to be written but proceed as though the copy operation had succeeded. This means that the data to be written is instead replaced with whatever...

PT-2023-7883 · Freebsd · Freebsd

Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified Description: The issue is related to a bug in the NFS client of FreeBSD operating systems, which can cause the NFS client to fail to copy data to be written but proceed as though the copy operation had...

kernel: NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fix a race to wake on NFSLAYOUTDRAIN We found a few different systems hung up in writeback waiting on the same page lock, and one task waiting on the NFSLAYOUTDRAIN bit in pnfsupdatelayout, however the pnfslayouthdr's...

kernel: nfsd: move init of percpu reply_cache_stats counters back to nfsd_init_net

A flaw was identified in the NFS server nfsd implementation in the Linux kernel where the initialization of the per-CPU replycachestats counters was relocated incorrectly in the code path. This change can lead to use of uninitialized per-CPU statistical counters during NFS request handling when t...

kernel: NFSD: fix use-after-free in nfsd4_ssc_setup_dul()

An expired pointer dereference flaw was found in the NFSv4 implementation in the Linux kernel, which may negatively affect system availability when the kernel thread is signaled during a mount/unmount operation. If signalpending returns true, scheduletimeout will not be executed, causing the...

kernel: NFSv4/pnfs: Fix a use-after-free bug in open

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must not try to free either the open slot or the layoutget operation arguments, since they are likely still in use by the hung RPC call...

kernel: cifs: Fix memory leak on the deferred close

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak on the deferred close xfstests on smb21 report kmemleak as below: unreferenced object 0xffff8881767d6200 size 64: comm "xfsio", pid 1284, jiffies 4294777434 age 20.789s hex dump first 32 bytes: 80 5a d0 11 8...

kernel: NFSv4: Don't hold the layoutget locks across multiple RPC calls

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr. The...

PT-2025-40140

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's NFS implementation where a null pointer dereference can occur during parameter parsing. Specifically, the vfs parse fs string function may set the...

The vulnerability of the nfs_lookup_reply function (net/nfs.c) in the U-Boot loader for embedded Linux operating systems allows a hacker to execute arbitrary code.

The vulnerability of the nfslookupreply function in the U-Boot loader for embedded Linux operating systems is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

CLSA-2023-1693426883 kernel: Fix of 20 CVEs

netfilter: nftsetpipapo: fix improper element removal CVE-2023-4004 - net: tun: fix bugs for oversize packet when napi frags enabled CVE-2023-3812 - net/sched: clsfw: Fix improper refcount update leads to use-after-free CVE-2023-3776 - net/sched: schqfq: account for stab overhead in qfqenqueue...

CVE-2023-32488

Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. A low privileged attacker could potentially exploit this vulnerability, leading to information disclosure...

USN-6262-1 wireshark vulnerabilities

It was discovered that Wireshark did not properly handle certain NFS packages when certain configuration options were enabled. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service. CVE-2020-13164 It was discovered that Wireshark did not properly...