CVE-2026-43193

The CVE-2026-43193 entry concerns the Linux kernel NFS daemon (nfsd). Affected component: kernel NFS implementation, specifically nfsd_get_dir_deleg(). Root cause: a refcount leak in nfs4_file where the reference to the object fp was not released before returning. Impact stated in sources is a re...

CVE-2025-71090 nfsd: fix nfsd_file reference leak in nfsd4_add_rdaccess_to_wrdeleg()

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfsdfile reference leak in nfsd4addrdaccesstowrdeleg nfsd4addrdaccesstowrdeleg unconditionally overwrites fp-fifdsORDONLY with a newly acquired nfsdfile. However, if the client already has a SHAREACCESSREAD open from a...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: nfsd: The value of sccount is decreased directly if the dlrecall queue operation fails. A deadlock warning occurred when invoking nfs4putstid after a failed dlrecall queue operation: T1 T2 nfs4laundromat nfs4getclientreaplist...

SUSE CVE-2025-37871

In the Linux kernel, the following vulnerability has been resolved: nfsd: decrease sccount directly if fail to queue dlrecall A deadlock warning occurred when invoking nfs4putstid following a failed dlrecall queue operation: T1 T2 nfs4laundromat nfs4getclientreaplist nfs4anylockblockers breakleas...