Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite file in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdupuser to return ZEROSIZEPTR. When we access the name.data that has...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nfsd: Cancel nfsdshrinkerwork using sync mode in nfs4stateshutdownnet. In the normal case, when we execute echo 0 /proc/fs/nfsd/threads, the function nfs4statedestroynet in nfs4stateshutdownnet will release all resources related ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007630)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007630 advisory. In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: insufficient locking for -dparent-dinode dereferencing Theoretically it's an...

ROS-20260304-73-0030

A vulnerability in the nfs4statestartnet function of the Linux kernel is related to a pointer dereferencing error. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix null-deref in aggdequeue CVE-2025-40083 In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established CVE-2025-40248 In t...

CVE-2026-23038

In the Linux kernel, the following vulnerability has been resolved: pnfs/flexfiles: Fix memory leak in nfs4ffallocdeviceidnode In nfs4ffallocdeviceidnode, if the allocation for dsversions fails, the function jumps to the outscratch label without freeing the already allocated dsaddrs list, leading...

Linux Distros Unpatched Vulnerability : CVE-2026-23038

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pnfs/flexfiles: Fix memory leak in nfs4ffallocdeviceidnode In nfs4ffallocdeviceidnode, if the allocation for dsversions fails, the function jumps to the...

SUSE CVE-2025-68185

In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: insufficient locking for -dparent-dinode dereferencing Theoretically it's an oopsable race, but I don't believe one can manage to hit it on real hardware; might become doable on a KVM, but it still won't be easy...

UBUNTU-CVE-2025-68185

In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: insufficient locking for -dparent-dinode dereferencing Theoretically it's an oopsable race, but I don't believe one can manage to hit it on real hardware; might become doable on a KVM, but it still won't be easy...

EUVD-2025-27875

Malicious code in bioql PyPI...

EUVD-2025-12850

Malicious code in bioql PyPI...

kernel: nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net

In the Linux kernel, the following vulnerability has been resolved: nfsd: cancel nfsdshrinkerwork using sync mode in nfs4stateshutdownnet In the normal case, when we excute echo 0 /proc/fs/nfsd/threads, the function nfs4statedestroynet in nfs4stateshutdownnet will release all resources related to...

nfs4-acl-tools bug fix and enhancement update

An update is available for nfs4-acl-tools. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Lin...

CVE-2022-49927

In the Linux kernel, the following vulnerability has been resolved: nfs4: Fix kmemleak when allocate slot failed If one of the slot allocate failed, should cleanup all the other allocated slots, otherwise, the allocated slots will leak: unreferenced object 0xffff8881115aa100 size 64: comm...

CVE-2022-49927

CVE-2022-49927: Linux kernel NFSv4 kmemleak when allocating a slot failed. If a slot allocation fails, previously allocated slots must be cleaned up; otherwise, the allocated slots leak (example: unreferenced object 0xffff8881115aa100, size 64). The fix ensures cleanup of all allocated slots on f...

CVE-2022-49927 nfs4: Fix kmemleak when allocate slot failed

In the Linux kernel, the following vulnerability has been resolved: nfs4: Fix kmemleak when allocate slot failed If one of the slot allocate failed, should cleanup all the other allocated slots, otherwise, the allocated slots will leak: unreferenced object 0xffff8881115aa100 size 64: comm...

PT-2025-18644 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been resolved in the Linux kernel related to the nfs4 module. When the allocation of a slot fails, all other allocated slots should be cleaned up to prevent...

CVE-2025-21795

In the Linux kernel, the following vulnerability has been resolved: NFSD: fix hang in nfsd4shutdowncallback If nfs4client is in courtesy state then there is no point to send the callback. This causes nfsd4shutdowncallback to hang since clcbinflight is not 0. This hang lasts about 15 minutes until...

CVE-2024-56779

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4openowner leak when concurrent nfsd4open occur The action force umountumount -f will attempt to kill all rpctask even umount operation may ultimately fail if some files remain open. Consequently, if an action attemp...

CVE-2024-56779

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4openowner leak when concurrent nfsd4open occur The action force umountumount -f will attempt to kill all rpctask even umount operation may ultimately fail if some files remain open. Consequently, if an action attemp...