Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: NFS: A race condition during the update of an existing write request has been fixed. After the nfslockandjoinrequests function checks whether the request is still attached to the mapping, nothing prevents a call to nfs...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: NFS: Fixed the filehandle bounds checking in nfsfhtodentry. The function needs to check the minimum filehandle length before it can access the embedded filehandle...

USN-7835-4: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

USN-7835-4 linux-hwe-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

NFSD: Define a proc_layoutcommit for the FlexFiles layout type

...

SUSE CVE-2025-40087

In the Linux kernel, the following vulnerability has been resolved: NFSD: Define a proclayoutcommit for the FlexFiles layout type Avoid a crash if a pNFS client should happen to send a LAYOUTCOMMIT operation on a FlexFiles layout...

CVE-2025-40087

In the Linux kernel, the following vulnerability has been resolved: NFSD: Define a proclayoutcommit for the FlexFiles layout type Avoid a crash if a pNFS client should happen to send a LAYOUTCOMMIT operation on a FlexFiles layout...

CVE-2025-40087

CVE-2025-40087 affects the Linux kernel NFSD. The issue is a missing proc_layoutcommit for the FlexFiles layout type, which could crash a pNFS client sending LAYOUTCOMMIT. The fix is to define a proc_layoutcommit for FlexFiles to prevent the crash. EulerOS and Oracle Linux advisories list this CV...

CVE-2025-40087

In the Linux kernel, the following vulnerability has been resolved: NFSD: Define a proclayoutcommit for the FlexFiles layout type Avoid a crash if a pNFS client should happen to send a LAYOUTCOMMIT operation on a FlexFiles layout...

CVE-2025-40087 NFSD: Define a proc_layoutcommit for the FlexFiles layout type

In the Linux kernel, the following vulnerability has been resolved: NFSD: Define a proclayoutcommit for the FlexFiles layout type Avoid a crash if a pNFS client should happen to send a LAYOUTCOMMIT operation on a FlexFiles layout...

kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()

A flaw out of boundary read in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system...

kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()

A flaw out of boundary read in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Siemens SIMATIC Devices Unchecked Error Condition (CVE-2024-36939)

In the Linux kernel, the following vulnerability has been resolved: nfs: Handle error of rpcprocregister in nfsnetinit. syzkaller reported a warning 0 triggered while destroying immature netns. rpcprocregister was called in initnfsfs, but its error has been ignored since at least the initial comm...

Siemens SIMATIC Devices Improper Input Validation (CVE-2025-21795)

NFSD: hang in nfsd4shutdowncallback. If nfs4client is in courtesy state then there is no point to send the callback. This causes nfsd4shutdowncallback to hang since clcbinflight is not 0. This hang lasts about 15 minutes until TCP notifies NFSD that the connection was dropped. This plugin only...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26870)

NFSv4.2: fix nfs4listxattr kernel BUG at mm/usercopy.c:102. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503505; scriptversion"1.2";...

Siemens SIMATIC Devices Return of Wrong Status Code (CVE-2024-26629)

nfsd: The test on socount in nfsd4releaselockowner is potentially harmful. It can transiently return a false positive resulting in a return of NFS4ERRLOCKSHELD when in fact no locks are held. This is clearly a protocol violation and with the Linux NFS client it can cause incorrect behaviour. This...

Linux Distros Unpatched Vulnerability : CVE-2023-53711

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential data corruption We must ensure that the subrequests are joined back int...

Siemens SIMATIC Devices Use After Free (CVE-2024-26958)

In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

SUSE-SU-2025:20891-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_3

This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: - CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations bsc1232384 - CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 - CVE-2025-38206: exfat: fix double free in...