216 matches found
kernel: smb: client: Fix use-after-free in cifs_fill_dirent
A use-after-free flaw was found in cifsfilldirent in fs/cifs/readdir.c in smb client in the Linux Kernel. This flaw could allow an attacker to crash the system due to race problem. This vulnerability could even lead to a kernel information leak problem...
Unbreakable Enterprise kernel security update
5.4.17-2136.351.3.3 - crypto: afalg - Fix incorrect boolean values in afalgctx Eric Biggers Orabug: 38884602 CVE-2025-40022...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50005)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50005 advisory. - fs/proc: fix uaf in procreaddirde Wei Yang Orabug: 38787139 CVE-2025-40271 Tenable has extracted the preceding description block directly from the Oracle...
Unbreakable Enterprise kernel security update
5.15.0-316.196.4.1 - tipc: Fix use-after-free in tipcmonreinitself. Kuniyuki Iwashima Orabug: 38788585 CVE-2025-40280 - fs/proc: fix uaf in procreaddirde Wei Yang Orabug: 38788587 CVE-2025-40271 - vsock: Ignore signal/timeout on connect if already established Michal Luczaj Orabug: 38788594...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50007)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50007 advisory. - tipc: Fix use-after-free in tipcmonreinitself. Kuniyuki Iwashima Orabug: 38788585 CVE-2025-40280 - fs/proc: fix uaf in procreaddirde Wei Yang...
CVE-1999-0724
Buffer overflow in OpenBSD procfs and fdescfs file systems via uiooffset in the readdir function...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix NULL dereference on q-elevator in blkmqelvswitchnone CVE-2023-53292 In the Linux kernel, the following vulnerability has been resolved: block: fix race between setblocksize and read paths CVE-2025-3807...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject duplicate device on updates CVE-2025-38678 In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksmmadvise CVE-2025-40040 In the Lin...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2025-28068)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-28068 advisory. - fs/proc: fix uaf in procreaddirde Wei Yang Orabug: 38786776 CVE-2025-40271 - NFSD: Define a proclayoutcommit for the FlexFiles layout type Chuck Lever...
Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-28066)
The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-28066 advisory. - fs/proc: fix uaf in procreaddirde Wei Yang CVE-2025-40271 Tenable has extracted the preceding description block directly from the Oracle Linux...
Unbreakable Enterprise kernel security update
5.15.0-315.196.5.2 - tipc: Fix use-after-free in tipcmonreinitself. Kuniyuki Iwashima Orabug: 38786195 CVE-2025-40280 - fs/proc: fix uaf in procreaddirde Wei Yang Orabug: 38786194 CVE-2025-40271 - vsock: Ignore signal/timeout on connect if already established Michal Luczaj Orabug: 38786193...
Unbreakable Enterprise kernel security update
5.4.17-2136.350.3.2 - fs/proc: fix uaf in procreaddirde Wei Yang Orabug: 38786776 CVE-2025-40271 5.4.17-2136.350.3.1 - Reapply 'cpuidle: menu: Avoid discarding useful information' Harshvardhan Jha Orabug: 38744458 - fbcon: fix integer overflow in font allocation Samasth Norway Ananda Orabug:...
SUSE CVE-2025-68185
In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: insufficient locking for -dparent-dinode dereferencing Theoretically it's an oopsable race, but I don't believe one can manage to hit it on real hardware; might become doable on a KVM, but it still won't be easy...
EUVD-2025-203711
In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: insufficient locking for -dparent-dinode dereferencing Theoretically it's an oopsable race, but I don't believe one can manage to hit it on real hardware; might become doable on a KVM, but it still won't be easy...
CVE-2025-68185
In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: insufficient locking for -dparent-dinode dereferencing Theoretically it's an oopsable race, but I don't believe one can manage to hit it on real hardware; might become doable on a KVM, but it still won't be easy...
CVE-2025-68185
In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: insufficient locking for -dparent-dinode dereferencing Theoretically it's an oopsable race, but I don't believe one can manage to hit it on real hardware; might become doable on a KVM, but it still won't be easy...
UBUNTU-CVE-2025-68185
In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: insufficient locking for -dparent-dinode dereferencing Theoretically it's an oopsable race, but I don't believe one can manage to hit it on real hardware; might become doable on a KVM, but it still won't be easy...
Linux Distros Unpatched Vulnerability : CVE-2025-40271
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set the node to EMPTY, which may result in uaf access. We should us...
EUVD-2025-201584
In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set the node to EMPTY, which may result in uaf access. We should use RBCLEARNODE set the erased node to EMPTY, then pdesubdirnext will...
CVE-2025-40271
In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set the node to EMPTY, which may result in uaf access. We should use RBCLEARNODE set the erased node to EMPTY, then pdesubdirnext will...