Количество 17
Количество 17
CVE-2021-47506
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix use-after-free due to delegation race A delegation break could arrive as soon as we've called vfs_setlease. A delegation break runs a callback which immediately (in nfsd4_cb_recall_prepare) adds the delegation to del_recall_lru. If we then exit nfs4_set_delegation without hashing the delegation, it will be freed as soon as the callback is done with it, without ever being removed from del_recall_lru. Symptoms show up later as use-after-free or list corruption warnings, usually in the laundromat thread. I suspect aba2072f4523 "nfsd: grant read delegations to clients holding writes" made this bug easier to hit, but I looked as far back as v3.0 and it looks to me it already had the same problem. So I'm not sure where the bug was introduced; it may have been there from the beginning.
CVE-2021-47506
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix use-after-free due to delegation race A delegation break could arrive as soon as we've called vfs_setlease. A delegation break runs a callback which immediately (in nfsd4_cb_recall_prepare) adds the delegation to del_recall_lru. If we then exit nfs4_set_delegation without hashing the delegation, it will be freed as soon as the callback is done with it, without ever being removed from del_recall_lru. Symptoms show up later as use-after-free or list corruption warnings, usually in the laundromat thread. I suspect aba2072f4523 "nfsd: grant read delegations to clients holding writes" made this bug easier to hit, but I looked as far back as v3.0 and it looks to me it already had the same problem. So I'm not sure where the bug was introduced; it may have been there from the beginning.
CVE-2021-47506
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix use-after-free due to delegation race A delegation break could arrive as soon as we've called vfs_setlease. A delegation break runs a callback which immediately (in nfsd4_cb_recall_prepare) adds the delegation to del_recall_lru. If we then exit nfs4_set_delegation without hashing the delegation, it will be freed as soon as the callback is done with it, without ever being removed from del_recall_lru. Symptoms show up later as use-after-free or list corruption warnings, usually in the laundromat thread. I suspect aba2072f4523 "nfsd: grant read delegations to clients holding writes" made this bug easier to hit, but I looked as far back as v3.0 and it looks to me it already had the same problem. So I'm not sure where the bug was introduced; it may have been there from the beginning.
CVE-2021-47506
In the Linux kernel, the following vulnerability has been resolved: n ...
BDU:2024-10583
Уязвимость компонента nfsd ядра операционной системы Linux, позволяющая нарушителю повысить привилегии в системе
SUSE-SU-2024:2923-1
Security update for the Linux Kernel
SUSE-SU-2024:2948-1
Security update for the Linux Kernel
ROS-20241126-02
Множественные уязвимости kernel-lt
SUSE-SU-2024:2183-1
Security update for the Linux Kernel
SUSE-SU-2024:1979-1
Security update for the Linux Kernel
SUSE-SU-2024:2185-1
Security update for the Linux Kernel
SUSE-SU-2024:2184-1
Security update for the Linux Kernel
SUSE-SU-2024:1983-1
Security update for the Linux Kernel
SUSE-SU-2024:2189-1
Security update for the Linux Kernel
SUSE-SU-2024:2019-1
Security update for the Linux Kernel
SUSE-SU-2024:2190-1
Security update for the Linux Kernel
SUSE-SU-2024:2008-1
Security update for the Linux Kernel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-47506 In the Linux kernel, the following vulnerability has been resolved: nfsd: fix use-after-free due to delegation race A delegation break could arrive as soon as we've called vfs_setlease. A delegation break runs a callback which immediately (in nfsd4_cb_recall_prepare) adds the delegation to del_recall_lru. If we then exit nfs4_set_delegation without hashing the delegation, it will be freed as soon as the callback is done with it, without ever being removed from del_recall_lru. Symptoms show up later as use-after-free or list corruption warnings, usually in the laundromat thread. I suspect aba2072f4523 "nfsd: grant read delegations to clients holding writes" made this bug easier to hit, but I looked as far back as v3.0 and it looks to me it already had the same problem. So I'm not sure where the bug was introduced; it may have been there from the beginning. | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
 | CVE-2021-47506 In the Linux kernel, the following vulnerability has been resolved: nfsd: fix use-after-free due to delegation race A delegation break could arrive as soon as we've called vfs_setlease. A delegation break runs a callback which immediately (in nfsd4_cb_recall_prepare) adds the delegation to del_recall_lru. If we then exit nfs4_set_delegation without hashing the delegation, it will be freed as soon as the callback is done with it, without ever being removed from del_recall_lru. Symptoms show up later as use-after-free or list corruption warnings, usually in the laundromat thread. I suspect aba2072f4523 "nfsd: grant read delegations to clients holding writes" made this bug easier to hit, but I looked as far back as v3.0 and it looks to me it already had the same problem. So I'm not sure where the bug was introduced; it may have been there from the beginning. | CVSS3: 5.5 | 0% Низкий | около 1 года назад |
 | CVE-2021-47506 In the Linux kernel, the following vulnerability has been resolved: nfsd: fix use-after-free due to delegation race A delegation break could arrive as soon as we've called vfs_setlease. A delegation break runs a callback which immediately (in nfsd4_cb_recall_prepare) adds the delegation to del_recall_lru. If we then exit nfs4_set_delegation without hashing the delegation, it will be freed as soon as the callback is done with it, without ever being removed from del_recall_lru. Symptoms show up later as use-after-free or list corruption warnings, usually in the laundromat thread. I suspect aba2072f4523 "nfsd: grant read delegations to clients holding writes" made this bug easier to hit, but I looked as far back as v3.0 and it looks to me it already had the same problem. So I'm not sure where the bug was introduced; it may have been there from the beginning. | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
| CVE-2021-47506 In the Linux kernel, the following vulnerability has been resolved: n ... | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
 | BDU:2024-10583 Уязвимость компонента nfsd ядра операционной системы Linux, позволяющая нарушителю повысить привилегии в системе | CVSS3: 8.8 | 0% Низкий | около 1 года назад |
 | SUSE-SU-2024:2923-1 Security update for the Linux Kernel | 10 месяцев назад | ||
| SUSE-SU-2024:2948-1 Security update for the Linux Kernel | 10 месяцев назад | ||
 | ROS-20241126-02 Множественные уязвимости kernel-lt | CVSS3: 8.8 | 7 месяцев назад | |
| SUSE-SU-2024:2183-1 Security update for the Linux Kernel | 12 месяцев назад | ||
| SUSE-SU-2024:1979-1 Security update for the Linux Kernel | около 1 года назад | ||
| SUSE-SU-2024:2185-1 Security update for the Linux Kernel | 12 месяцев назад | ||
| SUSE-SU-2024:2184-1 Security update for the Linux Kernel | 12 месяцев назад | ||
| SUSE-SU-2024:1983-1 Security update for the Linux Kernel | около 1 года назад | ||
| SUSE-SU-2024:2189-1 Security update for the Linux Kernel | 12 месяцев назад | ||
| SUSE-SU-2024:2019-1 Security update for the Linux Kernel | около 1 года назад | ||
| SUSE-SU-2024:2190-1 Security update for the Linux Kernel | 12 месяцев назад | ||
| SUSE-SU-2024:2008-1 Security update for the Linux Kernel | около 1 года назад |
Уязвимостей на страницу