68 matches found
The vulnerability of the nfsd4_free_stateid() function in the fs/nfsd/nfs4state.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the nfsd4freestateid function in the fs/nfsd/nfs4state.c module of the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of t...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: nfsd: The flag SCSTATUSFREEABLE is now allowed when searching via nfs4lookupstateid. The pynfs DELEG8 test fails when run against nfsd. It acquires a delegation and then waits for the lease time out. It then attempts to use the...
kernel: nfsd: fix race between laundromat and free_stateid
A vulnerability was found in the Linux kernel. This issue occurs due to a race condition between the laundromat thread handling revoking delegations and the freestateid operation, leading to a use-after-free issue. The error occurs when a freed stateid is accessed by another operation, which can...
CVE-2025-39688
In the Linux kernel, the following vulnerability has been resolved: nfsd: allow SCSTATUSFREEABLE when searching via nfs4lookupstateid The pynfs DELEG8 test fails when run against nfsd. It acquires a delegation and then lets the lease time out. It then tries to use the deleg stateid and expects to...
CVE-2025-39688
In the Linux kernel, the following vulnerability has been resolved: nfsd: allow SCSTATUSFREEABLE when searching via nfs4lookupstateid The pynfs DELEG8 test fails when run against nfsd. It acquires a delegation and then lets the lease time out. It then tries to use the deleg stateid and expects to...
DEBIAN-CVE-2025-39688
In the Linux kernel, the following vulnerability has been resolved: nfsd: allow SCSTATUSFREEABLE when searching via nfs4lookupstateid The pynfs DELEG8 test fails when run against nfsd. It acquires a delegation and then lets the lease time out. It then tries to use the deleg stateid and expects to...
CVE-2025-39688
CVE-2025-39688: In the Linux kernel NFS server, the fix for nfsd addresses handling of delegated states. The change adds SC_STATUS_FREEABLE to nfs4_lookup_stateid()'s always-allowed status mask, ensuring revoked delegations can be located when searching by stateid. It also removes SC_STATUS_FREEA...
CVE-2025-39688 nfsd: allow SC_STATUS_FREEABLE when searching via nfs4_lookup_stateid()
In the Linux kernel, the following vulnerability has been resolved: nfsd: allow SCSTATUSFREEABLE when searching via nfs4lookupstateid The pynfs DELEG8 test fails when run against nfsd. It acquires a delegation and then lets the lease time out. It then tries to use the deleg stateid and expects to...
Linux Distros Unpatched Vulnerability : CVE-2024-50043
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: nfsd: fix possible badness in FREESTATEID When multiple FREESTATEIDs are sent for the same...
SUSE CVE-2024-50106
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and freestateid There is a race between laundromat handling of revoked delegations and a client sending freestateid operation. Laundromat thread finds that delegation has expired and needs to be...
DEBIAN-CVE-2024-50106
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and freestateid There is a race between laundromat handling of revoked delegations and a client sending freestateid operation. Laundromat thread finds that delegation has expired and needs to be...
UBUNTU-CVE-2024-50106
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and freestateid There is a race between laundromat handling of revoked delegations and a client sending freestateid operation. Laundromat thread finds that delegation has expired and needs to be...
CVE-2024-50106 nfsd: fix race between laundromat and free_stateid
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and freestateid There is a race between laundromat handling of revoked delegations and a client sending freestateid operation. Laundromat thread finds that delegation has expired and needs to be...
CVE-2024-50106 nfsd: fix race between laundromat and free_stateid
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and freestateid There is a race between laundromat handling of revoked delegations and a client sending freestateid operation. Laundromat thread finds that delegation has expired and needs to be...
SUSE CVE-2024-50043
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix possible badness in FREESTATEID When multiple FREESTATEIDs are sent for the same delegation stateid, it can lead to a possible either use-after-free or counter refcount underflow errors. In nfsd4freestateid under the...
DEBIAN-CVE-2024-50043
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix possible badness in FREESTATEID When multiple FREESTATEIDs are sent for the same delegation stateid, it can lead to a possible either use-after-free or counter refcount underflow errors. In nfsd4freestateid under the...
UBUNTU-CVE-2024-50043
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix possible badness in FREESTATEID When multiple FREESTATEIDs are sent for the same delegation stateid, it can lead to a possible either use-after-free or counter refcount underflow errors. In nfsd4freestateid under the...
CVE-2024-50043
CVE-2024-50043 – Linux kernel NFS daemon state-id handling Affected: Linux kernel (nfsd/nfsd4).Cause: In nfsd4_free_stateid(), under the client lock, a delegation stateid is located, but the code drops the lock before calling nfs4_put_stid(). This allows another FREE_STATE to locate the stateid a...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention condition in the nfsd subsystem during the handling of FREESTATEID, which could lead to...
PT-2024-10027
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a race condition between the laundromat handling of revoked delegations and a client sending a free stateid operation in the Linux kernel's NFS server. This can...