Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netfs: Only call foliostartfscache once for each folio. If a network filesystem using netfs implements a clamplength function, it can set subrequest lengths that are smaller than the page size. When we loop through the folios in...

GHSA-6H46-9JF5-Q59X Symfony: Security Firewall Bypass via failure_forward Subrequest: Unauthenticated Access to access_control-Protected GET Routes

Description When a firewall is configured with form-login or any authenticator using DefaultAuthenticationFailureHandler and the failureforward: true option, the handler reads the failurepath parameter from the failing login request and uses it as the path of an internal subrequest dispatched...

CVE-2026-31435

A flaw was found in the Linux kernel's netfs component. Under certain circumstances, during a read retry operation, the system may incorrectly abandon subrequests. This issue arises because a pointer subreq used in the abandonment process can be uninitialized or point to invalid memory. An attack...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013709)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013709 advisory. In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential data corruption We must ensure that the subrequests are joined back into the...

UBUNTU-CVE-2025-71201

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix early read unlock of page with EOF in middle The read result collection for buffered reads seems to run ahead of the completion of subrequests under some circumstances, as can be seen in the following log snippet:...

kernel: netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix the non-cancellation of copy when cache is temporarily disabled When the caching for a cookie is temporarily disabled e.g. due to a DIO write on that file, future copying to the cache for that file is disabled until al...

CVE-2023-53711

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential data corruption We must ensure that the subrequests are joined back into the head before we can retransmit a request. If the head was not on the commit lists, because the server wrote it synchronously, we sti...

DEBIAN-CVE-2023-53711

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential data corruption We must ensure that the subrequests are joined back into the head before we can retransmit a request. If the head was not on the commit lists, because the server wrote it synchronously, we sti...

UBUNTU-CVE-2023-53711

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential data corruption We must ensure that the subrequests are joined back into the head before we can retransmit a request. If the head was not on the commit lists, because the server wrote it synchronously, we sti...

CVE-2023-53711

CVE-2023-53711 is a Linux kernel vulnerability resolved by a NFS data-corruption fix. The issue involved ensuring that subrequests are merged back into the head before retransmitting a request; if the head wasn’t on the commit lists because the server wrote it synchronously, it still needed reins...

CVE-2023-53711 NFS: Fix a potential data corruption

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential data corruption We must ensure that the subrequests are joined back into the head before we can retransmit a request. If the head was not on the commit lists, because the server wrote it synchronously, we sti...

CVE-2023-53711 NFS: Fix a potential data corruption

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential data corruption We must ensure that the subrequests are joined back into the head before we can retransmit a request. If the head was not on the commit lists, because the server wrote it synchronously, we sti...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly joining subrequests, which could lead to data corruption...

Linux Distros Unpatched Vulnerability : CVE-2025-21988

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/netfs/readcollect: add to next-prevdonated If multiple subrequests donate data to the same next request depending on the subrequest completion order, each of...

SUSE CVE-2025-38492

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix race between cache write completion and ALLQUEUED being set When netfslib is issuing subrequests, the subrequests start processing immediately and may complete before we reach the end of the issuing function. At the en...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: fs/netfs/readcollect: Added next-prevdonated. If multiple subrequests donate data to the same “next” request depending on the subrequest’s completion order, each of them will overwrite the prevdonated field, resulting in data...

SUSE CVE-2025-21988

In the Linux kernel, the following vulnerability has been resolved: fs/netfs/readcollect: add to next-prevdonated If multiple subrequests donate data to the same "next" request depending on the subrequest completion order, each of them would overwrite the prevdonated field, causing data corruptio...

DEBIAN-CVE-2025-21988

In the Linux kernel, the following vulnerability has been resolved: fs/netfs/readcollect: add to next-prevdonated If multiple subrequests donate data to the same "next" request depending on the subrequest completion order, each of them would overwrite the prevdonated field, causing data corruptio...

UBUNTU-CVE-2025-21988

In the Linux kernel, the following vulnerability has been resolved: fs/netfs/readcollect: add to next-prevdonated If multiple subrequests donate data to the same "next" request depending on the subrequest completion order, each of them would overwrite the prevdonated field, causing data corruptio...

CVE-2025-21988 fs/netfs/read_collect: add to next->prev_donated

In the Linux kernel, the following vulnerability has been resolved: fs/netfs/readcollect: add to next-prevdonated If multiple subrequests donate data to the same "next" request depending on the subrequest completion order, each of them would overwrite the prevdonated field, causing data corruptio...