CVE-2026-43394

In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsdnllistenersetdoit. nfsdnllistenersetdoit uses getcurrentcred without putcred. As we can see from other callers, svcxprtcreatefromsa does not require the extra refcount. nfsdnllistenersetdoit is alwa...

UBUNTU-CVE-2026-43394

In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsdnllistenersetdoit. nfsdnllistenersetdoit uses getcurrentcred without putcred. As we can see from other callers, svcxprtcreatefromsa does not require the extra refcount. nfsdnllistenersetdoit is alwa...

CVE-2026-43394

CVE-2026-43394 (Linux kernel) : A local credential reference leak in nfsd_nl_listener_set_doit() occurs because get_current_cred() is used without a corresponding put_cred(). The function runs in process context during sendmsg(), and current->cred remains valid, so the extra refcount is unnece...

CVE-2026-42226

n8n is an open source workflow automation platform. Prior to versions 1.123.33 and 2.17.5, the dynamic-node-parameters endpoints did not verify whether the authenticated caller was authorized to use a supplied credential reference. An authenticated user with access to a shared workflow could supp...

EUVD-2026-27093

n8n is an open source workflow automation platform. Prior to versions 1.123.33 and 2.17.5, the dynamic-node-parameters endpoints did not verify whether the authenticated caller was authorized to use a supplied credential reference. An authenticated user with access to a shared workflow could supp...

CVE-2026-23297

In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsdnlthreadssetdoit. syzbot reported memory leak of struct cred. 0 nfsdnlthreadssetdoit passes getcurrentcred to nfsdsvc, but putcred is not called after that. The cred is finally passed down to...

CVE-2026-23297

CVE-2026-23297 affects the Linux kernel’s NFS daemon (nfsd). The issue is a memory leak of struct cred caused by how nfsd_nl_threads_set_doit() passes current credentials to nfsd_svc() and later to _svc_xprt_create() without transferring ownership, leaving a refcount leak. SYZBOT identified a lea...

CVE-2026-23297 nfsd: Fix cred ref leak in nfsd_nl_threads_set_doit().

In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsdnlthreadssetdoit. syzbot reported memory leak of struct cred. 0 nfsdnlthreadssetdoit passes getcurrentcred to nfsdsvc, but putcred is not called after that. The cred is finally passed down to...

DEBIAN-CVE-2023-53136

In the Linux kernel, the following vulnerability has been resolved: afunix: fix struct pid leaks in OOB support syzbot reported struct pid leak 1. Issue is that queueoob calls maybeaddcreds which potentially holds a reference on a pid. But skb-destructor is not set either directly or by calling...

CVE-2024-56564 ceph: pass cred pointer to ceph_mds_auth_match()

In the Linux kernel, the following vulnerability has been resolved: ceph: pass cred pointer to cephmdsauthmatch This eliminates a redundant getcurrentcred call, because cephmdscheckaccess has already obtained this pointer. As a side effect, this also fixes a reference leak in cephmdsauthmatch: by...

CVE-2022-23090

The aioaqueue function, used by the liolistio system call, fails to release a reference to a credential in an error case. An attacker may cause the reference count to overflow, leading to a use after free UAF...

CVE-2022-23090

The aioaqueue function, used by the liolistio system call, fails to release a reference to a credential in an error case. An attacker may cause the reference count to overflow, leading to a use after free UAF...