Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: Avoid NULL dereferencing on a zero-length gsstoken in gssreadproxyverf A zero-length gsstoken results in pageaddress being == 0, and intoken-pages0 being NULL. The code pageaddressintoken-pages0, which can lea...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013278)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013278 advisory. In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Don't leak netobj memory when gssreadproxyverf fails Tenable has extracted the preceding...

CVE-2025-71120

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...

CVE-2025-71120

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...

CVE-2025-71120 SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...

CVE-2025-71120

CVE-2025-71120 (Linux kernel) involves SUNRPC: svcauth_gss handling of a zero-length gss_token, which can dereference NULL when copying. The vulnerability occurs because code unconditionally dereferenced in_token->pages[0] during the initial memcpy, even if the copy length is 0. The fix guards...

UBUNTU-CVE-2022-50821

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Don't leak netobj memory when gssreadproxyverf fails...

CVE-2022-50821 SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Don't leak netobj memory when gssreadproxyverf fails...

CVE-2022-50821

CVE-2022-50821 targets the SUNRPC code in the Linux kernel, where netobj memory is leaked when gss_read_proxy_verf() fails. The issue has been addressed by kernel fixes in the SUSE advisories (kernel update) and related vendor advisories. Public reports confirm that remediation involves applying ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to free netobj memory when the gssreadproxyverf function fails, which could lead to a memory lea...

GSD-2023-1001294 SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails

SUNRPC: Don't leak netobj memory when gssreadproxyverf fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

GSD-2023-1000952 SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails

SUNRPC: Don't leak netobj memory when gssreadproxyverf fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit...

GSD-2023-1000501 SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails

SUNRPC: Don't leak netobj memory when gssreadproxyverf fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.17 by commit...