Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-7585-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7585-1 advisory. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when...

USN-7585-2: Linux kernel (FIPS) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

USN-7585-1: Linux kernel vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

SUSE CVE-2022-50006

In the Linux kernel, the following vulnerability has been resolved: NFSv4.2 fix problems with nfs42sscopen A destination server while doing a COPY shouldn't accept using the passed in filehandle if its not a regular filehandle. If allocfilepseudo has failed, we need to decrement a reference on th...

SUSE CVE-2022-50072

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must not try to free either the open slot or the layoutget operation arguments, since they are likely still in use by the hung RPC call...

SUSE CVE-2025-38023

In the Linux kernel, the following vulnerability has been resolved: nfs: handle failure of nfsgetlockcontext in unlock path When memory is insufficient, the allocation of nfslockcontext in nfsgetlockcontext fails and returns -ENOMEM. If we mistakenly treat an nfs4unlockdata structure whose lctx...

DEBIAN-CVE-2022-50072

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must not try to free either the open slot or the layoutget operation arguments, since they are likely still in use by the hung RPC call...

DEBIAN-CVE-2022-50006

In the Linux kernel, the following vulnerability has been resolved: NFSv4.2 fix problems with nfs42sscopen A destination server while doing a COPY shouldn't accept using the passed in filehandle if its not a regular filehandle. If allocfilepseudo has failed, we need to decrement a reference on th...

UBUNTU-CVE-2022-50006

In the Linux kernel, the following vulnerability has been resolved: NFSv4.2 fix problems with nfs42sscopen A destination server while doing a COPY shouldn't accept using the passed in filehandle if its not a regular filehandle. If allocfilepseudo has failed, we need to decrement a reference on th...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from cifs not releasing page references when using fscache, which could lead to a memory leak...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unhandled nfsgetlockcontext failure that could result in a null pointer dereference...

PT-2025-25798

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.15.0-rc2-dirty 60 Description A vulnerability in the Linux kernel has been identified, where the allocation of nfs lock context in nfs get lock context fails and returns -ENOMEM when memory is insufficient. If...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from NFSv4 releasing resources even after canceling an open RPC call resulting in post-release reuse...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: NFS: fixed nfsreleasefolio to prevent deadlock caused by kcompactd writeback. Added the PFKCOMPACTD flag and the currentiskcompactd helper to check for it, so that nfsreleasefolio can skip calling nfswbfolio from kcompactd...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: NFSv4: A deadlock occurs when recovering state on a file that has been renamed. If a file is renamed and scheduled for deletion upon closing, a server reboot may trigger an open reclaim operation. This can lead to a race conditio...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: nfsd: The value of sccount is decreased directly if the dlrecall queue operation fails. A deadlock warning occurred when invoking nfs4putstid after a failed dlrecall queue operation: T1 T2 nfs4laundromat nfs4getclientreaplist...

kernel: cifs: Fix integer overflow while processing acdirmax mount option

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acdirmax mount option User-provided mount parameter acdirmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from seconds to jiffies...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bpf: track changespktdata property for global functions CVE-2024-58098 In the Linux kernel, the following vulnerability has been resolved: bpf: check changespktdata property for extension programs CVE-2024-58100 I...

PT-2025-24327 · Dell · Dell Powerscale Onefs

Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS versions 9.5.0.0 through 9.10.0.1 Description: Dell PowerScale OneFS contains a missing authorization vulnerability in the Network File System NFS export. An unauthenticated attacker with remote access could potentially...

USN-7510-8 linux-aws-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...