2006 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-56740
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: nfs/localio: must clear res.replen in nfslocalreaddone Otherwise memory corruption can occur...
USN-7703-3: Linux kernel (Oracle) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
USN-7704-4: Linux kernel (NVIDIA) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...
USN-7703-2: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
USN-7703-2 linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-gkeop, linux-ibm, linux-ibm-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
USN-7701-2 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - SMB network file system; - Bluetooth...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7704-1)
"The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7704-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
Linux Distros Unpatched Vulnerability : CVE-2025-23143
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: Fix null-ptr-deref by socklockinitclassandname and rmmod. When I ran the repro 0 and waited a few seconds, I observed two LOCKDEP splats: a warning...
SUSE CVE-2025-38566
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix handling of server side tls alerts Scott Mayhew discovered a security exploit in NFS over TLS in tlsalertrecv due to its assumption it can read data from the msg iterator's kvec.. kTLS implementation splits TLS non-da...
USN-7703-1 linux, linux-aws, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
USN-7703-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
CVE-2025-38571
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...
UBUNTU-CVE-2025-38571
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...
UBUNTU-CVE-2025-38567
In the Linux kernel, the following vulnerability has been resolved: nfsd: avoid ref leak in nfsdopenlocalfh If two calls to nfsdopenlocalfh race and both successfully call nfsdfileacquirelocal, they will both get an extra reference to the net to accompany the file reference stored in pnf. One of...
CVE-2025-38571
The CVE-2025-38571 entry documents a Linux kernel flaw in sunrpc client-side handling of TLS alerts within NFS over TLS. The vulnerability stems from a misassumption that valid data resides in the msghdr iterator’s kvec, which could be exploited by TLS alert handling. The recommended fix reworks ...
CVE-2025-38571 sunrpc: fix client side handling of tls alerts
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...
CVE-2025-38571 sunrpc: fix client side handling of tls alerts
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...
CVE-2025-38571
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...
CVE-2025-38567
The CVE-2025-38567 vulnerability affects the Linux kernel NFS server (nfsd) where racing calls to nfsd_open_local_fh() can cause an extra reference to the net to be leaked if both calls succeed in nfsd_file_acquire_local(). One instance will fail to store the file reference yet keep the extra net...
CVE-2025-38567 nfsd: avoid ref leak in nfsd_open_local_fh()
In the Linux kernel, the following vulnerability has been resolved: nfsd: avoid ref leak in nfsdopenlocalfh If two calls to nfsdopenlocalfh race and both successfully call nfsdfileacquirelocal, they will both get an extra reference to the net to accompany the file reference stored in pnf. One of...