29 matches found
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-49979: net: fix refcount bug in skpsockget bsc1245109. CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 bsc1243603. CVE-2026-23239: espintcp: Fix race condition in...
USN-8275-1 linux-xilinx-zynqmp vulnerabilities
Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...
kernel security update
An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...
kernel security update
An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...
RLSA-2026:2264 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vsock/vmci: Clear the vmci transport packet properly when initializing it CVE-2025-38403 kernel: net: use dstdevrcu in sksetupcaps CVE-2025-40170 kernel: ipv6: use RCU in ip6xmit...
CVE-1999-0783
FreeBSD allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system...
CVE-1999-0170
Remote attackers can mount an NFS file system in Ultrix or OSF, even if it is denied on the access list...
UBUNTU-CVE-2025-68349
In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Clear NFSINOLAYOUTCOMMIT in pnfsmarklayoutstateidinvalid Fixes a crash when layout is null during this call stack: writeinode - nfs4writeinode - pnfslayoutcommitinode pnfssetlayoutcommit relies on the lseg refcount to...
CVE-2025-68185 nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing
In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: insufficient locking for -dparent-dinode dereferencing Theoretically it's an oopsable race, but I don't believe one can manage to hit it on real hardware; might become doable on a KVM, but it still won't be easy...
USN-7909-5 linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S39...
USN-7774-5 linux-nvidia-tegra-igx vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...
USN-7651-4 linux-gcp, linux-gcp-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...
Security update for the Linux Kernel (Live Patch 58 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122222 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238920. CVE-2024-53214: vfio/pci:...
USN-7383-1 linux, linux-aws, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oracle, linux-oracle-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Drivers core; - Ublk userspace block driver; -...
SUSE CVE-2021-47259
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix use-after-free in nfs4initclient KASAN reports a use-after-free when attempting to mount two different exports through two different NICs that belong to the same server. Olga was able to hit this with kernels starting...
Linux Kernel Resource Management Error Vulnerability (CNVD-2023-34467)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux Kernel suffers from a resource management error vulnerability that originates from a mix-up in the instructions responsible for freeing memory in nfsd4sscsetupdul in...
kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service attack
A use-after-free vulnerability was found in nfs42sscopen in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial of service...
kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service attack
A use-after-free vulnerability was found in nfs42sscopen in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial of service...
CLSA-2022-1655821334 Fixed 6 CVEs in kernel
net: qrtr: fix another OOB Read in qrtrendpointpost CVE-2021-3743 - vt: keyboard: avoid signed integer overflow in kascii CVE-2020-13974 - pNFS/flexfiles: fix incorrect size check in decodenfsfh CVE-2021-4157 - esp: Fix possible buffer overflow in ESP transformation CVE-2022-27666 - sock: remove...
kernel: nfs: use-after-free in svc_process_common()
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bcsvcprocess use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and ...