NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()

...

kernel: smb: client: fix race with concurrent opens in rename(2)

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix race with concurrent opens in rename2 Besides sending the rename request to the server, the rename process also involves closing any deferred close, waiting for outstanding I/O to complete as well as marking all...

DEBIAN-CVE-2025-39730

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix filehandle bounds checking in nfsfhtodentry The function needs to check the minimal filehandle length before it can access the embedded filehandle...

CVE-2025-39730

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix filehandle bounds checking in nfsfhtodentry The function needs to check the minimal filehandle length before it can access the embedded filehandle...

CVE-2025-39730 NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix filehandle bounds checking in nfsfhtodentry The function needs to check the minimal filehandle length before it can access the embedded filehandle...

CVE-2025-39730

CVE-2025-39730 is a Linux kernel issue affecting NFS filehandle handling. The connected Astra/Amazon Linux livepatch advisories (ALAS2023LIVEPATCH-2025-108 and related entries) confirm a fix for NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() by ensuring the minimal filehandle length is...

CVE-2025-39730 NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix filehandle bounds checking in nfsfhtodentry The function needs to check the minimal filehandle length before it can access the embedded filehandle...

9p: add missing locking around taking dentry fid list

...

fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name

...

Linux Distros Unpatched Vulnerability : CVE-2025-38615

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: cancle set bad inode after removing name fails The reproducer uses a file0 on a ntfs3 file system with a corrupted ilink. When renaming, the file0's...

kernel: ext4: fix off-by-one error in do_split

In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in dosplit Syzkaller detected a use-after-free issue in ext4insertdentry that was caused by out-of-bounds access due to incorrect splitting in dosplit. BUG: KASAN: use-after-free in...

kernel: nfsd: don't ignore the return code of svc_proc_register()

In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the return code of svcprocregister Currently, nfsdprocstatinit ignores the return value of svcprocregister. If the procfile creation fails, then the kernel will WARN when it tries to remove the entry later. Fix...

DEBIAN-CVE-2025-38615

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: cancle set bad inode after removing name fails The reproducer uses a file0 on a ntfs3 file system with a corrupted ilink. When renaming, the file0's inode is marked as a bad inode because the file name cannot be deleted...

UBUNTU-CVE-2025-38615

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: cancle set bad inode after removing name fails The reproducer uses a file0 on a ntfs3 file system with a corrupted ilink. When renaming, the file0's inode is marked as a bad inode because the file name cannot be deleted...

CVE-2025-38615

CVE-2025-38615 affects the Linux kernel NTFS3 file system (fs/ntfs3). The vulnerability arises when renaming a file on an NTFS3 volume with a corrupted i_link, where make_bad_inode() is invoked on a live inode. This can lead to the inode being treated as bad while it remains in icache, and a race...

kernel: nfsd: don't ignore the return code of svc_proc_register()

In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the return code of svcprocregister Currently, nfsdprocstatinit ignores the return value of svcprocregister. If the procfile creation fails, then the kernel will WARN when it tries to remove the entry later. Fix...

kernel: nfsd: don't ignore the return code of svc_proc_register()

In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the return code of svcprocregister Currently, nfsdprocstatinit ignores the return value of svcprocregister. If the procfile creation fails, then the kernel will WARN when it tries to remove the entry later. Fix...

Linux Distros Unpatched Vulnerability : CVE-2025-37988

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fix a couple of races in MNTTREEBENEATH handling by domovemount Normally dolockmountpath, is...

Linux Distros Unpatched Vulnerability : CVE-2025-22073

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spufs: fix a leak on spufsnewfile failure It's called from spufsfilldir, and caller of that will do spufsrmdir in case of failure. That does remove everything...

Linux Distros Unpatched Vulnerability : CVE-2025-22026

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfsd: don't ignore the return code of svcprocregister Currently, nfsdprocstatinit ignores the return value of svcprocregister. If the procfile creation fails,...