2003 matches found
PT-2026-43850
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the nfsd component where certain operations, such as SETATTR, can trigger idmap lookup upcalls during v4 request compound argument decoding. If these upcall responses...
ROS-20260527-73-0002
A vulnerability in the NFSv4.0 component of the Linux operating system kernel is related to incorrect calculations of the allocated buffer size. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Ubuntu 24.04 LTS / 25.10 : Linux kernel (Azure) vulnerabilities (USN-8310-1)
"The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8310-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy...
USN-8278-2: Linux kernel (Azure) vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...
USN-8279-3: Linux kernel (NVIDIA Tegra IGX) vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...
USN-8296-2: Linux kernel (NVIDIA Tegra) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Drivers core; - Null block device drive...
Ubuntu 20.04 LTS : Linux kernel (GCP) vulnerabilities (USN-8297-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8297-1 advisory. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission chec...
Ubuntu 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...
USN-8296-1: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Drivers core; - Null block device drive...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: NFSD: Protection against send buffer overflow in NFSv2 READ Since the time before the advent of Git, NFSD has managed the number of pages held by each nfsd thread by combining the RPC receive and send buffers into a single array ...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: NFSD: prevented underflow in nfssvcdecodewriteargs Smatch reported the issue as follows: fs/nfsd/nfsxdr.c:341 nfssvcDecodeWriteArgs Warning: no lower bound on ‘args-len’ The type of the variable has been changed to unsigned to...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: nfs: fixed the acl memory leak in posixaclcreate When reviewing another nfs xfstests report, I found that errors related to acl and defaultACL in nfs3proccreate and nfs3procmknod might be leaked. These issues need to be...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: NFS: Fixed a potential NULL dereference in nfsgetclient. None of the callers is expected to receive a NULL return value from nfsgetclient. Therefore, this code will result in an Oops error. It’s better to return an error pointer....
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: Reworked the handling of scratch space for READPLUS again I discovered that the read code might send multiple requests using the same nfspgioheader. However, the nfs4procreadsetup function is only called once. As a resul...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: macb: Shuffle the tx ring before enabling tx Quanyang observed that when using an NFS rootfs on an AMD ZynqMp board, the rootfs may take an extended time to recover after a suspend. Upon investigation, it was determined that...
Astra Linux - уязвимость в linux
A memory-bound write flaw 1 or 2 bytes of memory was identified in the Linux kernel’s NFS subsystem, related to the way users use mirroring replication of files via NFS. A user with access to the NFS mount could potentially exploit this flaw to crash the system or escalate privileges on the syste...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: NFSD: Initialize struct nfsd4copy earlier. Ensure that the refcount and asynccopies fields are initialized early. The cleanupasynccopy function will reference these fields if an error occurs in nfsd4copy. If these fields are not...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fixed the NFSv4.2 kernel bug at mm/usercopy.c:102. A call to listxattr with a buffer size of 0 returns the actual size of the buffer required for a subsequent call. When size 0, nfs4listxattr does not return an error...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: Locking is provided for v4endgrace. Writing to v4endgrace can cause a race condition with server shutdown, resulting in memory being accessed after it has been freed—especially in the case of reclaimstrhashtbl. We cannot ho...
Astra Linux - уязвимость в u-boot
A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation with a failed length check at nfsreadreply, when calling storeblock in the NFSv3 case...