Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting the ACL. A NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL later. It finds that the ACL is only a default ACL based on the mode bits, not the...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: lockd: Other missing fields are set when unlocking files. The vfslockfile function expects that the struct filelock structure is fully initialized by the caller. If the flfile field is NULL after re-exporting NFSv3, an OOP err...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nfsd: Fixed the reference count leak in nfsdsetfhdentry. nfsd exports a “pseudo root filesystem” which is used by NFSv4 to find the various exported filesystems using LOOKUP requests from a known root filehandle. NFSv3 uses th...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fixed a race condition related to waking up the NFSLAYOUTDRAIN flag. We identified several systems where tasks were stuck in a writeback process, waiting for the same page lock. Additionally, one task was waiting for...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fixed a crash in nfsd4readrelease. When tracing is enabled, the tracenfsdreaddone trace point crashes during the pynfs read.testNoFh test...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Issues with the LTP test failing when timestamps are delegated have been fixed. The utimes01 and utime06 tests fail when delegated timestamps are enabled, especially in subtests that modify the atime and mtime fields using t...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netfs: Only call foliostartfscache once for each folio. If a network filesystem using netfs implements a clamplength function, it can set subrequest lengths that are smaller than the page size. When we loop through the folios in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: A use-after-free issue has been fixed in the asynchronous open function. Yang Erkun reported that when two threads open files at the same time and are forced to abort before a response is received, the call to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFSv4: Fixed an error in pnfsmarkrequestcommit, when performing ODIRECT operations. Fixed an error-prone condition in pnfsmarkrequestcommit, when adding a set of write operations to the commit list in order to reschedule them...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - net: 9p: fixed a refcount leak in error handling of p9readwork. - p9reqput must be called when m-rreq-rc.sdata is NULL to avoid a temporary refcount leak. Dominique: made changes to the commit message, fixed arguments for...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Check the TLS certificate fields in nfsmatchclient If the TLS security policy is of type RPCXPRTSECTLSX509, then the certserial and privkeyserial fields also need to match, as they define the client’s identity, as presented ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Fixed a deadlock involving nfsreleasefolio Wang Zhaolong reported a deadlock involving NFSv4.1 state recovery, waiting on kthreadd, which attempts to reclaim memory by calling nfsreleasefolio. The latter cannot proceed due t...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: cifs: Fixed a UAF in cifsdemultiplexthread There is a UAF when performing xfstests on cifs: BUG: KASAN: Use-after-free in smb2isnetworknamedeleted+0x27/0x160 Reading a size 4 value at address ffff88810103fc08 by task cifsd/923...

Siemens RuggedCom Rox Out-of-bounds Write (CVE-2019-14204)

An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfshandler reply helper function: nfsumountallreply. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

Siemens RuggedCom Rox Out-of-bounds Read (CVE-2019-14197)

An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfsreadreply. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Siemens RuggedCom Rox Out-of-bounds Write (CVE-2019-14194)

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfsreadreply when calling storeblock in the NFSv2 case. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Siemens RuggedCom Rox Out-of-bounds Write (CVE-2019-14203)

An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfshandler reply helper function: nfsmountreply. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

Ubuntu 20.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-7461-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7461-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

CVE-2026-53689

libnfs through 6.0.2 before 55c18ea does not validate a string size, leading to an integer overflow during a connection to a crafted NFS server. This occurs in libnfszdrstring in lib/libnfs-zdr.c...

EUVD-2026-36027

libnfs through 6.0.2 before 55c18ea does not validate a string size, leading to an integer overflow during a connection to a crafted NFS server. This occurs in libnfszdrstring in lib/libnfs-zdr.c...