Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxeqpdocleanup+0x2f3/0x360 rdmarxe Read of size 8 at addr 000000000000001...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013572)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013572 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-dere...

ROS-20260414-73-0042

A vulnerability in the cifssmb3domount function of the fs/smb/client/cifsfs.c module of the SMB client support module of the Linux operating system kernel is related to improper memory release "memory leak". Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2022-50885

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in...

CVE-2022-50885

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxeqpdocleanup+0x2f3/0x360 rdmarxe Read of size 8 at addr 000000000000001...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989234)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989234 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989394)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989394 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: prevent NULL deref in cifscomposemountoptions The optional @ref parameter might contain an...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988780)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988780 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifsgetroot When cifsgetroot fails during...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987107)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987107 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP...

EUVD-2022-54690

Malicious code in bioql PyPI...

CVE-2023-53230 smb: client: fix warning in cifs_smb3_do_mount()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning in cifssmb3domount This fixes the following warning reported by kernel test robot fs/smb/client/cifsfs.c:982 cifssmb3domount warn: possible memory leak of 'cifssb'...

kernel: Fix of 4 CVEs

media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit CVE-2022-49478 - x86/kvm: Disable kvmclock on all CPUs on shutdown CVE-2021-47110 - cifs: fix potential double free during failed mount CVE-2022-49541 - drm/amd/pm: fix double free in siparsepowertable CVE-2022-49530...

ALSA-2025:8142 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cifs: Fix integer overflow while processing acregmax mount option CVE-2025-21964 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cifs: Fix integer overflow while processing acregmax mount option CVE-2025-21964 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

The vulnerability of the cifs_compose_mount_options() function in the fs/smb/client/cifsproto.h module, a support module for the SMB client in Linux kernel, allows a hacker to trigger a service failure.

The vulnerability of the cifscomposemountoptions function in the fs/smb/client/cifsproto.h module, which is part of the SMB client support in Linux kernel, is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service...

CVE-2025-22077

In the Linux kernel, the following vulnerability has been resolved: Revert "smb: client: fix TCP timers deadlock after rmmod" This reverts commit e9f2517a3e18a54a3943c098d2226b245d488801. Commit e9f2517a3e18 "smb: client: fix TCP timers deadlock after rmmod" is intended to fix a null-ptr-deref in...

CVE-2025-21962

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing closetimeo mount option User-provided mount parameter closetimeo of type u32 is intended to have an upper limit, but before it is validated, the value is converted from seconds to jiffi...

CVE-2025-21964

CVE-2025-21964 affects the Linux kernel CIFS mount option acregmax. The issue arises when user-provided acregmax (u32) is not yet validated; its value is converted from seconds to jiffies, which can overflow an integer. This is a local vulnerability in which an attacker with local access could po...

CVE-2025-21962

CVE-2025-21962 affects the Linux kernel CIFS mount option closetimeo, where user-provided closetimeo (u32) is converted to jiffies before validation, allowing an integer overflow. Connected sources (Astra Linux, ALAS AWS advisories, Debian/Red Hat references) confirm this as a kernel-level issue ...

CVE-2025-21962 cifs: Fix integer overflow while processing closetimeo mount option

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing closetimeo mount option User-provided mount parameter closetimeo of type u32 is intended to have an upper limit, but before it is validated, the value is converted from seconds to jiffi...