Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007623)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007623 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix crash in nfsd4readrelease When tracing is enabled, the tracenfsdreaddone trace point...

USN-8180-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gke, linux-gkeop, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : nfs-utils (SUSE-SU-2026:1356-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1356-1 advisory. This update for nfs-utils fixes the following issue: Security fixes: - CVE-2025-12801: rpc.mountd allows ...

Ubuntu 20.04 LTS : Linux kernel (NVIDIA Tegra) vulnerabilities (USN-8162-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8162-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

SUSE CVE-2024-56433

shadow-utils aka shadow 4.4 through 4.17.0 establishes a default /etc/subuid behavior e.g., uid 100000 through 165535 for the first user account that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006595)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006595 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006712)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006712 advisory. In the Linux kernel, the following vulnerability has been resolved: NFS: Fix filehandle bounds checking in nfsfhtodentry The function needs to check the minimal...

ROS-20260407-73-0038

A vulnerability in the NFS component of the Linux operating system kernel is related to simultaneous execution using a shared resource with improper synchronization. Exploitation of the vulnerability allows an attacker to cause a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2026-31403

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd The /proc/fs/nfs/exports proc entry is created at module init and persists for the module's...

CVE-2026-31402

A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...

CVE-2026-31404

A flaw was found in the Linux kernel's Network File System Daemon NFSD component. This vulnerability occurs because certain sub-objects are freed prematurely while still being accessed by other parts of the system. A local attacker could potentially trigger a Use-After-Free UAF condition, leading...

CVE-2026-31403

A flaw was found in the Linux kernel's Network File System Daemon NFSD component. A local user can exploit this vulnerability by opening the /proc/fs/nfs/exports file and then causing the associated network namespace to be destroyed. Subsequent attempts to read from the still-open file descriptor...

CVE-2026-31404

In the Linux kernel, the following vulnerability has been resolved: NFSD: Defer sub-object cleanup in export put callbacks svcexportput calls pathput and authdomainput immediately when the last reference drops, before the RCU grace period. RCU readers in eshow and cshow access both expath via...

CVE-2026-31402

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer rpibufNFSD4REPLAYISIZE to store encoded operation responses. This size was calculated based on OPEN responses and...

CVE-2026-31402 nfsd: fix heap overflow in NFSv4.0 LOCK replay cache

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer rpibufNFSD4REPLAYISIZE to store encoded operation responses. This size was calculated based on OPEN responses and...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid

A flaw null pointer dereference in the Linux kernel NFS functionality was found in the way client does some specific action for existing NFS connection. A client user could use this flaw to crash the server system...

GO-2026-4816 NFS CSI driver for Kubernetes is Vulnerable to Path Traversal through Volume Identifier Parameter in github.com/kubernetes-csi/csi-driver-nfs

NFS CSI driver for Kubernetes is Vulnerable to Path Traversal through Volume Identifier Parameter in github.com/kubernetes-csi/csi-driver-nfs...

SUSE-SU-2026:1081-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpicmpui bsc1254992. - CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply...

CVE-2026-23297

In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsdnlthreadssetdoit. syzbot reported memory leak of struct cred. 0 nfsdnlthreadssetdoit passes getcurrentcred to nfsdsvc, but putcred is not called after that. The cred is finally passed down to...