Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: nvme-fc: The use of lock access to portstate and rportstate was corrected. nvmefcunregisterremote removes the remote port from an lport object at any time when there is no active association. This issue conflicts with the...

CVE-2026-32134

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...

CVE-2026-32134 NanoMQ: NULL Pointer Dereference Crash in tcptran_pipe_peer During Session Restore

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...

CVE-2025-40342

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: use lock accessing portstate and rport state nvmefcunregisterremote removes the remote port on a lport object at any point in time when there is no active association. This races with with the reconnect logic, because...

UBUNTU-CVE-2025-40342

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: use lock accessing portstate and rport state nvmefcunregisterremote removes the remote port on a lport object at any point in time when there is no active association. This races with with the reconnect logic, because...

Linux Distros Unpatched Vulnerability : CVE-2025-40342

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvme-fc: use lock accessing portstate and rport state nvmefcunregisterremote removes the remote port on a lport object at any point in time when there is no...

PT-2025-49795

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s nvme-fc module related to accessing port and remote port states without proper locking mechanisms. Specifically, the nvme fc unregister remote functio...

SUSE CVE-2024-53178

In the Linux kernel, the following vulnerability has been resolved: smb: Don't leak cfid when reconnect races with opencacheddir opencacheddir may either race with the tcon reconnection even before compoundsendrecv or directly trigger a reconnection via SMB2openinit or SMBqueryinfoinit. The...

SUSE CVE-2021-47001

In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Fix cwnd update ordering After a reconnect, the reply handler is opening the cwnd and thus enabling more RPC Calls to be sent /before/ rpcrdmapostrecvs can post enough Receive WRs to receive their replies. This causes a...

PT-2024-11105 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the xprtrdma component in the Linux kernel. After a reconnect, the reply handler opens the cwnd, enabling more RPC Calls to be sent before rpcrdma post recvs ca...