Lucene search
+L

65 matches found

redhat
redhat
added 2026/07/08 4:9 a.m.9 views

kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache

A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...

9.8CVSS6.6AI score0.0049EPSS
Exploits0References5
osv
osv
added 2026/06/24 9:39 a.m.3 views

SUSE-SU-2026:22478-1 Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...

9.8CVSS6.2AI score0.0049EPSS
Exploits8References14
nessus
nessus
added 2026/06/16 12:0 a.m.13 views

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50318)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50318 advisory. - net/tls: fix use-after-free in -EBUSY error path of tlsdoencryption Muhammad Alifa Ramdhan Orabug: 39543209 CVE-2026-31533 - net: fix fanout UAF...

9.8CVSS6.5AI score0.00459EPSS
Exploits0References6
nessus
nessus
added 2026/05/27 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-45983

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfsd: never defer requests during idmap lookup During v4 request compound arg decoding, some ops e.g. SETATTR can trigger idmap lookup upcalls. When those upcal...

5.5CVSS6.5AI score0.00123EPSS
Exploits0References3
nessus
nessus
added 2026/05/04 12:0 a.m.18 views

RHEL 10 : kernel (RHSA-2026:13566)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13566 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free...

9.8CVSS6.3AI score0.96267EPSS
Exploits230References11
nessus
nessus
added 2026/01/31 12:0 a.m.28 views

EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2026-1123)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : cifs: Fix UAF in cifsdemultiplexthreadCVE-2023-52572 net: fix data-races around sk-skforwardallocCVE-2024-53124 quota: flush...

7.8CVSS7.2AI score0.09117EPSS
Exploits9References179
nessus
nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38430)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38430 advisory. - In the Linux kernel, the following vulnerability has been resolved: nfsd: nfsd4spomustallow must check this ...

5.5CVSS5.4AI score0.00174EPSS
Exploits0References2
nessus
nessus
added 2026/01/15 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001835)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001835 advisory. nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, an...

5.5CVSS7.1AI score0.00364EPSS
Exploits0References14
redhat
redhat
added 2026/01/14 12:36 a.m.16 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.8CVSS6.6AI score0.00202EPSS
Exploits0References12
nessus
nessus
added 2026/01/13 12:0 a.m.7 views

MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.14.el7.AXS7 (AXSA:2025-10933:76)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10933:76 advisory. x86/kvm: Disable kvmclock on all CPUs on shutdown CVE-2021-47110 posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel...

7.8CVSS7.2AI score0.01345EPSS
Exploits8References42
amazon
amazon
added 2025/12/08 12:0 a.m.6 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL CVE-2023-53680 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference...

7.8CVSS6.2AI score0.00144EPSS
Exploits0
redhat
redhat
added 2025/10/29 12:46 a.m.9 views

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

7.8CVSS7AI score0.00224EPSS
Exploits0References11
osv
osv
added 2025/10/24 11:3 a.m.3 views

SUSE-SU-2025:20920-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: - CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations bsc1232384 - CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 - CVE-2025-38206: exfat: fix double free in...

7.8CVSS5.8AI score0.00528EPSS
Exploits1References21
redhat
redhat
added 2025/10/20 2:28 a.m.14 views

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.8CVSS6.8AI score0.00528EPSS
Exploits0References8
nessus
nessus
added 2025/10/20 12:0 a.m.9 views

RHEL 9 : kernel (RHSA-2025:18281)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:18281 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: don't ignore the return...

7.8CVSS7.3AI score0.00528EPSS
Exploits0References17
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-1073

Malware in sbrugna...

4.9CVSS4.5AI score0.00427EPSS
Exploits0References36
nessus
nessus
added 2025/10/07 12:0 a.m.15 views

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20649)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20649 advisory. - nfsd: handle getclientlocked failure in nfsd4setclientidconfirm Jeff Layton Orabug: 38500610 CVE-2025-38724 - iouring/futex: ensure iofutexwait...

8.8CVSS7AI score0.00286EPSS
Exploits1References5
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-5127

Malicious code in bioql PyPI...

7.2AI score0.00221EPSS
Exploits0References8
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-13182

Malicious code in bioql PyPI...

6.6AI score0.00165EPSS
Exploits0References6
cvelist
cvelist
added 2025/07/25 2:16 p.m.12 views

CVE-2025-38430 nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request

In the Linux kernel, the following vulnerability has been resolved: nfsd: nfsd4spomustallow must check this is a v4 compound request If the request being processed is not a v4 compound request, then examining the cstate can have undefined results. This patch adds a check that the rpc procedure...

0.00174EPSS
Exploits0References8
Rows per page
Query Builder