PT-2026-22929

Name of the Vulnerable Software and Affected Versions nfs-utils affected versions not specified Description A flaw exists in the rpc.mountd daemon within the nfs-utils package for Linux. This issue allows a Network File System version 3 NFSv3 client to gain higher privileges than those defined in...

Linux Distros Unpatched Vulnerability : CVE-2025-68764

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock moun...

Siemens SIMATIC Devices Incorrect Calculation of Buffer Size (CVE-2022-43945)

The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call RPC into a single array of pages. A client can force the send...

Linux Distros Unpatched Vulnerability : CVE-2021-4157

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out of memory bounds write flaw 1 or 2 bytes of memory in the Linux kernel NFS subsystem was found in the way users use mirroring replication of files with...

Linux Distros Unpatched Vulnerability : CVE-2025-38400

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfs: Clean up /proc/net/rpc/nfs when nfsfsprocnetinit fails. syzbot reported a warning below 1 following a fault injection in nfsfsprocnetinit. 0 When...

The vulnerability of the nfsd4_cb_getattr_release() function of the Network File System (NFS) kernel in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the nfsd4cbgetattrrelease function in the fs/nfsd/nfs4state.c module of the Linux kernel’s Network File System NFS module is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

CVE-2024-26629

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix RELEASELOCKOWNER The test on socount in nfsd4releaselockowner is nonsense and harmful. Revert to using checkforlocks, changing that to not sleep. First: harmful. As is documented in the kdoc comment for...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix RELEASELOCKOWNER The test on socount in nfsd4releaselockowner is nonsense and harmful. Revert to using checkforlocks, changing that to not sleep. First: harmful. As is documented in the kdoc comment for...

CVE-2024-26629 nfsd: fix RELEASE_LOCKOWNER

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix RELEASELOCKOWNER The test on socount in nfsd4releaselockowner is nonsense and harmful. Revert to using checkforlocks, changing that to not sleep. First: harmful. As is documented in the kdoc comment for...

CVE-2024-26629

CVE-2024-26629: Linux kernel nfsd: fix RELEASE_LOCKOWNER. Connected advisories document a patch correcting a test on so_count in nfsd4_release_lockowner(), which could transiently report locks held and cause NFS4 errors. The fix reverts to check_for_locks() (made to not sleep) and prevents false ...

SUSE: Security Advisory (SUSE-SU-2019:2782-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Bad ext3/nfs DoS bug

I've tried contacting the relevant maintainers directly, and it's even in the kernel bugzilla, but nothing's happened and it's been over a month now. No-one seems to be doing anyting about this. Is one meant to post this to bugtraq or what? Here's the bug:...

Linux NFS Network File System buffer overflow

Buffer overflow on parsing nfsacl protocol XDR data...

Linux NFS utils package "rpc.mountd" contains off-by-one buffer overflow in xlog() function

Overview A vulnerability in the Linux NFS network File System could permit an attacker to cause a denial of service, or potentially execute arbitrary code on the system. Description The Linux NFS network File System was developed to allow machines to mount a disk partition on a remote machine as ...

CVE-2003-0252

Off-by-one error in the xlog function of mountd in the Linux NFS utils package nfs-utils before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines...

CVE-2003-0252

Off-by-one error in the xlog function of mountd in the Linux NFS utils package nfs-utils before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines...