373 matches found
EUVD-2026-1425
Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.5, Werkzeug's safejoin function allows path segments with Windows device names that have file extensions or trailing spaces. On Windows, there are special device names such as CON, AUX, etc that are implicitly present...
PT-2026-25989
Impact Some specific 1 out of 256 User Supplied Secrets USS were not used, making the resulting Compound Device Identifier CDI the same as if no USS was provided. Affected client applications: all client apps using the tkeyclient Go module. Patches Upgrade to v1.3.0. NOTE WELL: For the affected e...
kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL
In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...
DEBIAN-CVE-2025-40320
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential cfid UAF in smb2queryinfocompound When smb2queryinfocompound retries, a previously allocated cfid may have been freed in the first attempt. Because cfid wasn't reset on replay, later cleanup could act o...
CVE-2025-40320 smb: client: fix potential cfid UAF in smb2_query_info_compound
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential cfid UAF in smb2queryinfocompound When smb2queryinfocompound retries, a previously allocated cfid may have been freed in the first attempt. Because cfid wasn't reset on replay, later cleanup could act o...
The Destruction of a Notorious Myanmar Scam Compound Appears to Have Been ‘Performative’
Myanmar’s military has been blowing up parts of the KK Park scam compound. Experts say the actions are likely for show...
CVE-2025-40210
In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...
Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND"
...
Linux Distros Unpatched Vulnerability : CVE-2025-40210
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert NFSD: Remove the cap on number of operations per NFSv4 COMPOUND I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which...
EUVD-2025-198437
In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...
CVE-2025-40210
In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...
DEBIAN-CVE-2025-40210
In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...
AZL-70660 CVE-2025-40210 affecting package kernel for versions less than 6.6.112-1
In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...
UBUNTU-CVE-2025-40210
In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...
CVE-2025-40210
CVE-2025-40210 relates to the Linux kernel NFSD component, where a missing cap on the number of operations per NFSv4 COMPOUND could allow an attacker to place an arbitrarily large op count in the COMPOUND header, triggering a vmalloc allocation failure for the COMPOUND op array. The issue has bee...
CVE-2025-40210 Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND"
In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...
CVE-2025-40210 Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND"
In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...
CVE-2025-40210
In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the removal of the limit on the number of NFSv4 COMPOUND operations, which could lead to an over-allocation ...
DOJ Issued Seizure Warrant to Starlink Over Satellite Internet Systems Used at Scam Compound
A new US law enforcement initiative is aimed at crypto fraudsters targeting Americans—and now seeks to seize infrastructure it claims is crucial to notorious scam compounds...