Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is a read of out-of-bounds data at nfsreadreply...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Fixed the xarray locking mechanism in nfsnetfsissueread for writeback interrupts. The loop within nfsnetfsissueread currently does not disable interrupts during the iteration of pages in the xarray to perform NFS reads. This...

Oracle Linux 7 : kernel (ELSA-2026-1581)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1581 advisory. - e1000e: fix heap overflow in e1000seteeprom CVE-2025-39898 Orabug: 38904071 - i40e: fix idx validation in config queues msg CVE-2025-39971 Orabug:...

CLSA-2026-1770040438 kernel: Fix of 14 CVEs

efivarfs: Fix slab-out-of-bounds in efivarfsdcompare CVE-2025-39817 - scsi: ses: Fix possible descptr out-of-bounds accesses CVE-2023-53675 - ipv6: Fix out-of-bounds access in ipv6findtlv CVE-2023-53705 - libceph: fix potential use-after-free in havemonandosdmap CVE-2025-68285 - scsi: lpfc: Fix...

CLSA-2026-1769610819 kernel: Fix of 39 CVEs

Bluetooth: hcisysfs: Fix attempting to call deviceadd multiple times CVE-2022-50419 - firewire: net: fix use after free in fwnetfinishincomingpacket CVE-2023-53432 - wifi: brcmfmac: fix use-after-free bug in brcmfnetdevstartxmit CVE-2022-50408 - wifi: brcmfmac: slab-out-of-bounds read in...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27031)

"The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27031 advisory. - In the Linux kernel, the following vulnerability has been resolved: NFS: Fix nfsnetfsissueread xarr...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38338)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38338 advisory. - In the Linux kernel, the following vulnerability has been resolved: fs/nfs/read: fix double-unlock bug in...

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

RHEL 7 : kernel-rt (RHSA-2025:23960)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23960 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

OESA-2025-2470 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READ Since before the git era, NFSD has conserved the number of pages held by each nfsd thread by combining t...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2025-111 (ALASKERNEL-5.4-2025-111)

The version of kernel installed on the remote host is prior to 5.4.299-219.436. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.4-2025-111 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in...

Linux Distros Unpatched Vulnerability : CVE-2022-50345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NFSD: Protect against send buffer overflow in NFSv3 READ Since before the git era, NFSD has conserved the number of pages held by each nfsd thread by combining...

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv2 case.

...

Linux Distros Unpatched Vulnerability : CVE-2019-14194

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfsreadreply when calling storeblock in the...

Linux Distros Unpatched Vulnerability : CVE-2019-14198

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfsreadreply when calling storeblock in the...

SUSE CVE-2025-38338

In the Linux kernel, the following vulnerability has been resolved: fs/nfs/read: fix double-unlock bug in nfsreturnemptyfolio Sometimes, when a file was read while it was being truncated by another NFS client, the kernel could deadlock because foliounlock was called twice, and the second call wou...

PT-2025-29060

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A double-unlock bug exists in the nfs return empty folio function within the NFS read functionality of the Linux kernel. This issue can lead to a deadlock when a file is read...

Linux Distros Unpatched Vulnerability : CVE-2024-27031

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: NFS: Fix nfsnetfsissueread xarray locking for writeback interrupt The loop inside...

CVE-2024-27031

CVE-2024-27031 (Linux kernel) : The NFS read path (nfs_netfs_issue_read) locked with xa_lock while submitting pages for writeback, but did not disable interrupts during iteration, creating a deadlock risk if an interrupt runs and touches the xa_lock. The fix replaces manual iteration with xa_for_...

UBUNTU-CVE-2023-52582

In the Linux kernel, the following vulnerability has been resolved: netfs: Only call foliostartfscache one time for each folio If a network filesystem using netfs implements a clamplength function, it can set subrequest lengths smaller than a page size. When we loop through the folios in...