CVE-2026-45983

nfsd: never defer requests during idmap lookup...

PT-2026-43850

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the nfsd component where certain operations, such as SETATTR, can trigger idmap lookup upcalls during v4 request compound argument decoding. If these upcall responses...

CVE-2026-43394

CVE-2026-43394 (Linux kernel) : A local credential reference leak in nfsd_nl_listener_set_doit() occurs because get_current_cred() is used without a corresponding put_cred(). The function runs in process context during sendmsg(), and current->cred remains valid, so the extra refcount is unnece...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006595)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006595 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the...

CVE-2026-22989

In the Linux kernel, the following vulnerability has been resolved: nfsd: check that server is running in unlockfilesystem If we are trying to unlock the filesystem via an administrative interface and nfsd isn't running, it crashes the server. This happens currently because nfsd4revokestates acce...

PT-2025-49453

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel’s Network File System Daemon NFSD does not properly handle requests for new time deleg FATTR4 attributes introduced in newer NFS specifications. Specifically, NFSv4...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm CVE-2025-38724 kernel: smb: client: fix race with concurrent opens in rename2 CVE-2025-39825 kernel: mm/memory-failure: fix...

CVE-2025-40087 NFSD: Define a proc_layoutcommit for the FlexFiles layout type

In the Linux kernel, the following vulnerability has been resolved: NFSD: Define a proclayoutcommit for the FlexFiles layout type Avoid a crash if a pNFS client should happen to send a LAYOUTCOMMIT operation on a FlexFiles layout...

Unbreakable Enterprise kernel security update

5.4.17-2136.347.6.4 - nfsd: handle getclientlocked failure in nfsd4setclientidconfirm Jeff Layton Orabug: 38501612 CVE-2025-38724...

CVE-2022-50487

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

PT-2025-40674

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's Network File System Daemon NFSD related to handling RPC calls in NFSv3 READDIR operations. The issue stems from a potential send buffer overflow that...

PT-2025-40086

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s nfs/localio functionality. Specifically, the issue involves improper credential handling when releasing pageio data, potentially triggering a bug in t...

PT-2025-37682

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue where the op release function is not consistently called, even when op func returns an error. This can lead to a memory leak in the layoutget codepat...

NFSD: fix race between nfsd registration and exports_proc

...

CLSA-2025-1753298320 kernel: Fix of 16 CVEs

Bluetooth: Fix use after free in hcisendacl CVE-2022-49111 - NFSv4/pnfs: Fix a use-after-free bug in open CVE-2022-50072 - NFSv4: Don't hold the layoutget locks across multiple RPC calls CVE-2022-50072 - net: qrtr: start MHI channel after endpoit creation CVE-2022-50044 - tty: ngsm: add sanity...

CLSA-2025-1753297988 kernel: Fix of 17 CVEs

Bluetooth: Fix use after free in hcisendacl CVE-2022-49111 - drm/amd/display: clear optc underflow before turn off odm clock CVE-2022-49969 - NFSv4/pnfs: Fix a use-after-free bug in open CVE-2022-50072 - NFSv4: Don't hold the layoutget locks across multiple RPC calls CVE-2022-50072 - tty: ngsm:...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from nfsd not properly initializing ssc resulting in laundromatwork null pointer dereference...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which originates from nfsd ignoring the svcprocregister return code...

The vulnerability of the NFSD component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the NFSD component in the Linux operating system’s kernel is related to improper validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...