Lucene search
+L

68 matches found

BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.6 views

The vulnerability of the nfsd4_free_stateid() function in the fs/nfsd/nfs4state.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the nfsd4freestateid function in the fs/nfsd/nfs4state.c module of the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of t...

7.8CVSS7.1AI score0.00212EPSS
Exploits0References7Affected Software1
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: nfsd: The flag SCSTATUSFREEABLE is now allowed when searching via nfs4lookupstateid. The pynfs DELEG8 test fails when run against nfsd. It acquires a delegation and then waits for the lease time out. It then attempts to use the...

5.5CVSS6.2AI score0.00223EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.4 views

kernel: nfsd: fix race between laundromat and free_stateid

A vulnerability was found in the Linux kernel. This issue occurs due to a race condition between the laundromat thread handling revoking delegations and the freestateid operation, leading to a use-after-free issue. The error occurs when a freed stateid is accessed by another operation, which can...

7.8CVSS6.8AI score0.00213EPSS
Exploits0References5
NVD
NVD
added 2025/04/18 7:15 a.m.7 views

CVE-2025-39688

In the Linux kernel, the following vulnerability has been resolved: nfsd: allow SCSTATUSFREEABLE when searching via nfs4lookupstateid The pynfs DELEG8 test fails when run against nfsd. It acquires a delegation and then lets the lease time out. It then tries to use the deleg stateid and expects to...

5.5CVSS0.00223EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2025/04/18 7:15 a.m.5 views

CVE-2025-39688

In the Linux kernel, the following vulnerability has been resolved: nfsd: allow SCSTATUSFREEABLE when searching via nfs4lookupstateid The pynfs DELEG8 test fails when run against nfsd. It acquires a delegation and then lets the lease time out. It then tries to use the deleg stateid and expects to...

5.5CVSS6.3AI score0.00223EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/04/18 7:15 a.m.3 views

DEBIAN-CVE-2025-39688

In the Linux kernel, the following vulnerability has been resolved: nfsd: allow SCSTATUSFREEABLE when searching via nfs4lookupstateid The pynfs DELEG8 test fails when run against nfsd. It acquires a delegation and then lets the lease time out. It then tries to use the deleg stateid and expects to...

5.5CVSS5.6AI score0.00223EPSS
Exploits0References1
CVE
CVE
added 2025/04/18 7:1 a.m.107 views

CVE-2025-39688

CVE-2025-39688: In the Linux kernel NFS server, the fix for nfsd addresses handling of delegated states. The change adds SC_STATUS_FREEABLE to nfs4_lookup_stateid()'s always-allowed status mask, ensuring revoked delegations can be located when searching by stateid. It also removes SC_STATUS_FREEA...

5.5CVSS5.4AI score0.00223EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/04/18 7:1 a.m.7 views

CVE-2025-39688 nfsd: allow SC_STATUS_FREEABLE when searching via nfs4_lookup_stateid()

In the Linux kernel, the following vulnerability has been resolved: nfsd: allow SCSTATUSFREEABLE when searching via nfs4lookupstateid The pynfs DELEG8 test fails when run against nfsd. It acquires a delegation and then lets the lease time out. It then tries to use the deleg stateid and expects to...

5.5CVSS6AI score0.00223EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-50043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: nfsd: fix possible badness in FREESTATEID When multiple FREESTATEIDs are sent for the same...

7.8CVSS6.3AI score0.00212EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/11/06 3:49 a.m.2 views

SUSE CVE-2024-50106

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and freestateid There is a race between laundromat handling of revoked delegations and a client sending freestateid operation. Laundromat thread finds that delegation has expired and needs to be...

5.5CVSS7.5AI score0.00213EPSS
Exploits0References37
OSV
OSV
added 2024/11/05 6:15 p.m.0 views

DEBIAN-CVE-2024-50106

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and freestateid There is a race between laundromat handling of revoked delegations and a client sending freestateid operation. Laundromat thread finds that delegation has expired and needs to be...

7CVSS5.9AI score0.00213EPSS
Exploits0References1
OSV
OSV
added 2024/11/05 6:15 p.m.3 views

UBUNTU-CVE-2024-50106

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and freestateid There is a race between laundromat handling of revoked delegations and a client sending freestateid operation. Laundromat thread finds that delegation has expired and needs to be...

7.8CVSS6.3AI score0.00213EPSS
Exploits0References8
OSV
OSV
added 2024/11/05 5:10 p.m.20 views

CVE-2024-50106 nfsd: fix race between laundromat and free_stateid

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and freestateid There is a race between laundromat handling of revoked delegations and a client sending freestateid operation. Laundromat thread finds that delegation has expired and needs to be...

7.8CVSS6.2AI score0.00213EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/11/05 5:10 p.m.23 views

CVE-2024-50106 nfsd: fix race between laundromat and free_stateid

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and freestateid There is a race between laundromat handling of revoked delegations and a client sending freestateid operation. Laundromat thread finds that delegation has expired and needs to be...

0.00213EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/10/22 2:49 a.m.4 views

SUSE CVE-2024-50043

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix possible badness in FREESTATEID When multiple FREESTATEIDs are sent for the same delegation stateid, it can lead to a possible either use-after-free or counter refcount underflow errors. In nfsd4freestateid under the...

5.5CVSS7.6AI score0.00212EPSS
Exploits0References5
OSV
OSV
added 2024/10/21 8:15 p.m.1 views

DEBIAN-CVE-2024-50043

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix possible badness in FREESTATEID When multiple FREESTATEIDs are sent for the same delegation stateid, it can lead to a possible either use-after-free or counter refcount underflow errors. In nfsd4freestateid under the...

7.8CVSS6.3AI score0.00212EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 8:15 p.m.4 views

UBUNTU-CVE-2024-50043

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix possible badness in FREESTATEID When multiple FREESTATEIDs are sent for the same delegation stateid, it can lead to a possible either use-after-free or counter refcount underflow errors. In nfsd4freestateid under the...

7.8CVSS5.7AI score0.00212EPSS
Exploits0References8
CVE
CVE
added 2024/10/21 7:39 p.m.105 views

CVE-2024-50043

CVE-2024-50043 – Linux kernel NFS daemon state-id handling Affected: Linux kernel (nfsd/nfsd4).Cause: In nfsd4_free_stateid(), under the client lock, a delegation stateid is located, but the code drops the lock before calling nfs4_put_stid(). This allows another FREE_STATE to locate the stateid a...

7.8CVSS7.5AI score0.00212EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/10/21 12:0 a.m.7 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention condition in the nfsd subsystem during the handling of FREESTATEID, which could lead to...

7.8CVSS8.1AI score0.00212EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/10/18 12:0 a.m.6 views

PT-2024-10027

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a race condition between the laundromat handling of revoked delegations and a client sending a free stateid operation in the Linux kernel's NFS server. This can...

7.8CVSS5.5AI score0.00213EPSS
Exploits0
Rows per page
Query Builder