Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nfsd: The issue was addressed in nfsd4setclientidconfirm. Lei Lu recently reported that nfsd4setclientidconfirm did not check the return value from getclientlocked. A SETCLIENTIDCONFIRM operation might race with a confirmed...

Siemens SIMATIC S7-1500 Use After Free (CVE-2025-38724)

In the Linux kernel, the following vulnerability has been resolved: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm Lei Lu recently reported that nfsd4setclientidconfirm did not check the return value from getclientlocked. a SETCLIENTIDCONFIRM could race with a confirmed client...

CVE-2025-38724 nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()

In the Linux kernel, the following vulnerability has been resolved: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm Lei Lu recently reported that nfsd4setclientidconfirm did not check the return value from getclientlocked. a SETCLIENTIDCONFIRM could race with a confirmed client...

CVE-2025-38724

CVE-2025-38724: Linux kernel NFS server (nfsd) had a race in nfsd4_setclientid_confirm() where it did not check get_client_locked() return, risking reference loss and a potential use-after-free. A fix obtains a reference early when a confirmed client exists, and handles failure as if no confirmed...