kernel: NFSD: fix hang in nfsd4_shutdown_callback

In the Linux kernel, the following vulnerability has been resolved: NFSD: fix hang in nfsd4shutdowncallback If nfs4client is in courtesy state then there is no point to send the callback. This causes nfsd4shutdowncallback to hang since clcbinflight is not 0. This hang lasts about 15 minutes until...

kernel: NFS: Fix a race when updating an existing write

A flaw use after free in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system...

CLSA-2026-1768824748 kernel: Fix of 7 CVEs

fs/proc: fix uaf in procreaddirde CVE-2025-40271 - fs: fix UAF/GPF bug in nilfsmdtdestroy CVE-2022-2978 - Bluetooth: L2CAP: fix "bad unlock balance" in l2capdisconnectrsp CVE-2023-53297 - net: sched: sfb: fix null pointer access issue when sfbinit fails CVE-2022-50356 - ALSA: usb-audio: Fix size...

ROS-20260119-7369

A vulnerability in the nfsacldprocgetacl and nfsd3procgetacl functions of the fs/nfsd/nfs2acl.c module of the Linux kernel NFS network file system support is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integri...

MiracleLinux 3 : nfs-utils-1.0.9-42.1AXS3 (AXSA:2009-391:02)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2009-391:02 advisory. The nfs-utils package provides a daemon for the kernel NFS server and related tools, which provides a much higher level of performance than the traditional...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001118)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001118 advisory. The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004362)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004362 advisory. A flaw was found in the Linux kernel. An index buffer overflow during Direct IO write leading to the NFS client to crash. In some cases, a reach out of the index aft...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001521)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001521 advisory. The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000650)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000650 advisory. The nfs4getacluncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001201)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001201 advisory. The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service system crash via a long RPC...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001070)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001070 advisory. nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, an...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004277)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004277 advisory. A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impac...

MiracleLinux 4 : kernel-2.6.32-642.6.1.el6 (AXSA:2016-714:08)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-714:08 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

MiracleLinux 4 : busybox-1.15.1-20.AXS4 (AXSA:2014-023:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-023:01 advisory. Busybox is a single binary which includes versions of a large number of system commands, including a shell. This package can be very useful for recovering fro...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001114)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001114 advisory. Incorrect buffer length handling in the ncpreadkernel function in fs/ncpfs/ncplibkernel.c in the Linux kernel through 4.15.11, and in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000655)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000655 advisory. The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003873)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003873 advisory. In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oops in nfsdautomount When mounting from a NFSv4 referral, path-dentry can end up bei...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004074)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004074 advisory. An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpcrdma.c in the Linux Kernel. This flaw allows an attacker with normal user privilege...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001554)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001554 advisory. An out of memory bounds write flaw 1 or 2 bytes of memory in the Linux kernel NFS subsystem was found in the way users use mirroring replication of files with NFS. A...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000628)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000628 advisory. fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS...