Azure Linux 3.0 Security Update: kernel (CVE-2024-41049)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41049 advisory. - In the Linux kernel, the following vulnerability has been resolved: filelock: fix potential use-after-free i...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-380468)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-380468 advisory. In the Linux kernel, the following vulnerability has been resolved: filelock: fix potential use-after-free in posixlockinode Light Hsieh reported a KASAN UAF warning...

Linux LSM POSIX Lock Use-After-Free

An LSM can prevent the fcntl/close race cleanup path in fcntlsetlk from working, leading to use-after-free read in lockgetstatus when reading /proc/locks...

kernel: filelock: fix potential use-after-free in posix_lock_inode

A use-after-free vulnerability was found in the Linux kernel in traceposixlockinode. This issue occurred when the request pointer was changed to point to a lock entry added to the inode's list. Before the tracepoint could fire, another task raced in and freed the lock...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: filelock: A potential “use-after-free” issue was addressed in posixlockinode. Light Hsieh reported a KASAN UAF warning in traceposixlockinode. The request pointer was previously changed to point to a lock entry that was added ...

kernel: filelock: fix potential use-after-free in posix_lock_inode

A use-after-free vulnerability was found in the Linux kernel in traceposixlockinode. This issue occurred when the request pointer was changed to point to a lock entry added to the inode's list. Before the tracepoint could fire, another task raced in and freed the lock...

kernel: filelock: fix potential use-after-free in posix_lock_inode

A use-after-free vulnerability was found in the Linux kernel in traceposixlockinode. This issue occurred when the request pointer was changed to point to a lock entry added to the inode's list. Before the tracepoint could fire, another task raced in and freed the lock...

kernel: filelock: fix potential use-after-free in posix_lock_inode

A use-after-free vulnerability was found in the Linux kernel in traceposixlockinode. This issue occurred when the request pointer was changed to point to a lock entry added to the inode's list. Before the tracepoint could fire, another task raced in and freed the lock...

The vulnerability of the posix_lock_inode() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the posixlockinode function in the fs/locks.c module of the Linux operating system is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

SUSE CVE-2024-41049

In the Linux kernel, the following vulnerability has been resolved: filelock: fix potential use-after-free in posixlockinode Light Hsieh reported a KASAN UAF warning in traceposixlockinode. The request pointer had been changed earlier to point to a lock entry that was added to the inode's list...

UBUNTU-CVE-2024-41049

In the Linux kernel, the following vulnerability has been resolved: filelock: fix potential use-after-free in posixlockinode Light Hsieh reported a KASAN UAF warning in traceposixlockinode. The request pointer had been changed earlier to point to a lock entry that was added to the inode's list...

CVE-2024-41049

CVE-2024-41049: Linux kernel filelock: fix potential use-after-free in posix_lock_inode. The root cause was a race where a tracepoint pointer could be freed before the tracepoint fired, as the request pointer in trace_posix_lock_inode() was moved to a lock entry in an inode’s list and then freed ...

UBUNTU-CVE-2024-41012

In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected When fcntlsetlk races with close, it removes the created lock with dolockfilewait. However, LSMs can allow the first dolockfilewait that created the lock while...

CVE-2024-41012

CVE-2024-41012 (Linux kernel) describes a filelock race where fcntl_setlk() races with close() and a second path in posix_lock_file() could fail to remove a lock. In certain LSMs this could let a created lock survive a competing removal, enabling use-after-free reads in /proc/locks and potentiall...

SUSE CVE-2008-4307

Race condition in the dosetlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service crash via vectors resulting in an interrupted RPC call that leads to a stray FLPOSIX lock, related to improper handling of a race between fcntl and close in th...

Kernel BUG() in locks_remove_flock

Race condition in the dosetlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service crash via vectors resulting in an interrupted RPC call that leads to a stray FLPOSIX lock, related to improper handling of a race between fcntl and close in th...

kernel security and bug fix update

2.6.18-128.1.10.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki,Guru Anbalagane orabug 6045759 - MM shrink zone patch John Sobecki,Chris Mason orabug 6086839 - NET Add xen pv/bonding netconsole support Tina yang orabug 6993043 bz 7258 - nfs convert ENETUNREACH to ENOTCONN Guru...

Kernel BUG() in locks_remove_flock

Race condition in the dosetlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service crash via vectors resulting in an interrupted RPC call that leads to a stray FLPOSIX lock, related to improper handling of a race between fcntl and close in th...

PT-2009-1235 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.26 Description: A race condition exists in the do setlk function, allowing local users to cause a denial of service by interrupting an RPC call, resulting in a stray FL POSIX lock. This issue is related to t...