SUSE-SU-2026:1356-1 Security update for nfs-utils

This update for nfs-utils fixes the following issue: Security fixes: - CVE-2025-12801: rpc.mountd allows a NFSv3 client to escalate their privileges and access subdirectories and subtrees of an exported directory bsc1259204. Other fixes: - Split from nfs-utils into its own spec and changelog file...

GHSA-VJ8V-P5VW-M6V5 xrootd has path traversal in directory listing that allows access to the parent directory via trailing ".." pattern

Summary A path traversal vulnerability in XRootD allows users to escape the exported directory scope and enumerate the contents of the parent directory by appending /.. specifically without trailing slash to an exported path in xrdfs ls or HTTP PROPFIND requests. This bypass ignores the all.expor...

CVE-2006-3468

Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service file system panic via a crafted UDP packet with a V2 lookup procedure that specifies a bad file handle inode number, which triggers an error and causes an exported directory to be remounted...