625 matches found
CVE-2025-40237
CVE-2025-40237 is a Linux kernel vulnerability affecting the inotify/fs notify path. The issue occurs when an inotify watch on an overlayfs inode is processed during unmount, leading to a NULL pointer dereference via show_mark_fhandle() -> exportfs_encode_fid() -> ovl_encode_fh() -> ovl_...
EUVD-2025-201222
In the Linux kernel, the following vulnerability has been resolved: fs/notify: call exportfsencodefid with sumount Calling intotifyshowfdinfo on fd watching an overlayfs inode, while the overlayfs is being unmounted, can lead to dereferencing NULL ptr. This issue was found by syzkaller. Race...
CVE-2025-40237 fs/notify: call exportfs_encode_fid with s_umount
In the Linux kernel, the following vulnerability has been resolved: fs/notify: call exportfsencodefid with sumount Calling intotifyshowfdinfo on fd watching an overlayfs inode, while the overlayfs is being unmounted, can lead to dereferencing NULL ptr. This issue was found by syzkaller. Race...
kernel: smb: client: fix use-after-free in cifs_oplock_break
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifsoplockbreak A race condition can occur in cifsoplockbreak leading to a use-after-free of the cinode structure when unmounting: cifsoplockbreak cifsFileInfoputcfile cifsFileInfoputfinal...
Linux Distros Unpatched Vulnerability : CVE-2025-40242
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gfs2: Fix unlikely race in gdlmputlock In gdlmputlock, there is a small window of time in which the DFLUNMOUNT flag has been set but the lockspace hasn't been...
podman security update
5.6.0-6.0.1 - Add devices on container startup, not on creation - overlay: Put should ignore ENINVAL for Unmount Orabug: 36234694 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 6:5.6.0-6 - update to the latest content of...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-49867)
btrfs: wait for fixup workers before stopping cleaner kthread during umount During unmount, at closectree. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990839)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990839 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: wait for fixup workers before stopping cleaner kthread during umount During unmount, at...
kernel: smb: client: fix use-after-free in cifs_oplock_break
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifsoplockbreak A race condition can occur in cifsoplockbreak leading to a use-after-free of the cinode structure when unmounting: cifsoplockbreak cifsFileInfoputcfile cifsFileInfoputfinal...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990342)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990342 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix f2fsbugon when uninstalling filesystem call f2fsevictinode. creating a large files duri...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990140)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990140 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: free inode when ocfs2getinitinode fails syzbot is reporting busy inodes after unmount, for...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989478)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989478 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount During the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990085)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990085 advisory. In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4openowner leak when concurrent nfsd4open occur The action force umountumount -f wil...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988680)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988680 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: fix hang during unmount when stopping a space reclaim worker Often when running generic/5...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989599)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989599 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix f2fsbugon when uninstalling filesystem call f2fsevictinode. creating a large files duri...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990188)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990188 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount During the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990211)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990211 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: free inode when ocfs2getinitinode fails syzbot is reporting busy inodes after unmount, for...
SUSE CVE-2025-40105
In the Linux kernel, the following vulnerability has been resolved: vfs: Don't leak disconnected dentries on umount When user calls openbyhandleat on some inode that is not cached, we will create disconnected dentry for it. If such dentry is a directory, exportfsdecodefhraw will then try to conne...
vfs: Don't leak disconnected dentries on umount
...
EUVD-2025-36973
In the Linux kernel, the following vulnerability has been resolved: vfs: Don't leak disconnected dentries on umount When user calls openbyhandleat on some inode that is not cached, we will create disconnected dentry for it. If such dentry is a directory, exportfsdecodefhraw will then try to conne...