Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open CVE-2024-53173 In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify target vCPU is online in kvmgetvcpu...

USN-7510-7 linux-aws, linux-intel-iotg-5.15, linux-nvidia-tegra-igx, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

USN-7521-3 linux-lowlatency, linux-lowlatency-hwe-6.11, linux-oracle vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Serial ATA and Parallel...

CVE-2024-42500

HPE has identified a denial of service vulnerability in HPE HP-UX System's Network File System NFSv4 services...

CVE-2020-3866

This was addressed with additional checks by Gatekeeper on files mounted through a network share. This issue is fixed in macOS Catalina 10.15.3. Searching for and opening a file from an attacker controlled NFS mount may bypass Gatekeeper...

USN-7521-2 linux-aws vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Serial ATA and Parallel...

USN-7510-5 linux-azure-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

USN-7510-4 linux-intel-iot-realtime, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

USN-7510-3 linux-azure, linux-azure-5.15, linux-nvidia-tegra vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

USN-7515-2 linux-gcp, linux-gcp-6.8, linux-gkeop vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Compute Acceleration Framework; - ACPI drivers;...

USN-7522-1 linux-azure-nvidia vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Compute Acceleration Framework; - ACPI drivers;...

USN-7513-3 linux-azure, linux-azure-6.8, linux-oem-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Compute Acceleration Framework; - ACPI drivers;...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: NFSD: fix use-after-free in nfsd4sscsetupdul If signalpending returns true, scheduletimeout will not be executed, causing the waiting task to remain in the wait queue. Fixed by adding a call to finishwait, which ensures that the...

USN-7513-1 linux, linux-aws, linux-aws-6.8, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oracle vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Compute Acceleration Framework; - ACPI drivers;...

USN-7512-1 linux-gcp-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

Ubuntu 24.04 LTS : Linux kernel (GKE) vulnerabilities (USN-7515-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7515-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

kernel: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4openowner leak when concurrent nfsd4open occur The action force umountumount -f will attempt to kill all rpctask even umount operation may ultimately fail if some files remain open. Consequently, if an action attemp...

kernel: mm: revert "mm: shmem: fix data-race in shmem_getattr()"

In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmemgetattr" Revert d949d1d14fa2 "mm: shmem: fix data-race in shmemgetattr" as suggested by Chuck 1. It is causing deadlocks when accessing tmpfs over NFS. As Hugh commented, "added just t...

kernel: NFSD: Prevent a potential integer overflow

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is = U32MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that decodecbcompound4res...

UBUNTU-CVE-2025-37871

In the Linux kernel, the following vulnerability has been resolved: nfsd: decrease sccount directly if fail to queue dlrecall A deadlock warning occurred when invoking nfs4putstid following a failed dlrecall queue operation: T1 T2 nfs4laundromat nfs4getclientreaplist nfs4anylockblockers breakleas...