208 matches found
SUSE SLES15 Security Update : kernel RT (Live Patch 11 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:2503-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2503-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.37 fixes various security issues The following security issues were fixed: -...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: Do not ignore the return code of svcprocregister. Currently, nfsdprocstatinit ignores the return value of svcprocregister. If the creation of the procfile fails, the kernel will issue a WARN when it attempts to remove the...
SUSE-SU-2026:2592-1 Security update for the Linux Kernel (Live Patch 79 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.299 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...
SUSE-SU-2026:2500-1 Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.28 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay...
Astra Linux – Vulnerability in Linux 5.15
The Linux kernel’s NFSD implementation before versions 5.19.17 and 6.0.2 is vulnerable to buffer overflow attacks. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call RPC into a single array of pages. A client can force the...
EUVD-2026-32268
In the Linux kernel, the following vulnerability has been resolved: nfsd: never defer requests during idmap lookup During v4 request compound arg decoding, some ops e.g. SETATTR can trigger idmap lookup upcalls. When those upcall responses get delayed beyond the allowed time limit, cachecheck wil...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from nfsd’s improper handling of request delays during the idmap search process. This issue may cause...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: nfsd: Cleanup of potential nfsdfile refcount leaks in the COPY code path. There are two different versions of the nfsd4copy structure. One is embedded within the compound structure and is used directly in synchronous copies. T...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fixed an UAF in svctcplistendataready After the listener svcsock is freed, and before invoking svctcpaccept for the established child sock, there is a window during which the newsock may retain the freed listener svcsock ...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nfsd: Fixed the startup race issue with nsfd again. The commit bd5ae9288d64 "nfsd: register pernet ops last, unregister first" re-opened the race in rpcpipefsevent, which was related to the registration of nfsdnetid using...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nfsd: Cancel nfsdshrinkerwork using sync mode in nfs4stateshutdownnet In the normal case, when we execute echo 0 /proc/fs/nfsd/threads, the function nfs4statedestroynet in nfs4stateshutdownnet will release all resources related t...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: “NFSD: Remove the cap on the number of operations per NFSv4 COMPOUND.” I have found that the pynfs COMP6 now leaves the connection or lease in a strange state, causing CLOSE9 to hang indefinitely. I have investigated this issue a...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 kernel: libceph: make decodepool...
UBUNTU-CVE-2026-43394
In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsdnllistenersetdoit. nfsdnllistenersetdoit uses getcurrentcred without putcred. As we can see from other callers, svcxprtcreatefromsa does not require the extra refcount. nfsdnllistenersetdoit is alwa...
CVE-2026-43193
A flaw was found in the Linux kernel's Network File System Daemon nfsd. A reference count leak in the nfsdgetdirdeleg function can lead to resource exhaustion. This vulnerability, if repeatedly triggered, may allow an attacker to cause a Denial of Service DoS by consuming available system resourc...
CVE-2026-43193 nfsd: fix nfs4_file refcount leak in nfsd_get_dir_deleg()
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4file refcount leak in nfsdgetdirdeleg Claude pointed out that there is a nfs4file refcount leak in nfsdgetdirdeleg. Ensure that the reference to "fp" is released before returning...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nvme: avoid double free special payload CVE-2024-41073 kernel: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend CVE-2025-40252 kernel: crypto: asymmetricke...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013719)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013719 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Define a proclayoutcommit for the FlexFiles layout type Avoid a crash if a pNFS client shou...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012981)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012981 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: free copynotify stateid in nfs4freeolstateid Typically copynotify stateid is freed either...
CLSA-2026-1775655705 kernel-uek: Fix of 34 CVEs
ALSA: usb-audio: Fix use-after-free in sndusbmixerfree CVE-2026-23089 - HID: core: Harden s32ton against conversion to 0 bits CVE-2025-38556 - KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory CVE-2024-50115 - KVM: x86: Reset IRTE to host control if new route isn't postable CVE-2025-37885...