ThreatCluster

Multiple CVEs Affecting nfsd Identified by Microsoft

First seen 18 Feb 2026, 12:23 UTC Api.Msrc.Microsoft 78% similarity 39

Article Content

Browse articles
ThreatCluster

Microsoft has published information on two vulnerabilities affecting the nfsd service. CVE-2024-42078, published on July 29, 2024, involves early initialization of nfsd_info.mutex, while CVE-2025-38231, published on July 4, 2025, addresses the initialization of ssc before laundromat_work to prevent NULL dereference. Both vulnerabilities may impact systems utilizing the nfsd service.

ThreatCluster AI

Timeline

2024-07-29
CVE-2024-42078 published
2025-07-04
CVE-2025-38231 published
2026-02-18
Microsoft publishes information on both CVEs

Community

Browse all →