Lucene search
K

20 matches found

RedHat Linux
RedHat Linux
added 2026/06/04 1:4 p.m.6 views

kernel: smb: client: validate the whole DACL before rewriting it in cifsacl

A flaw was found in the Linux kernel's Server Message Block SMB client, specifically within the cifsacl functionality. A malicious SMB server could provide a malformed Discretionary Access Control List DACL that claims to contain more Access Control Entries ACEs than are actually present. This...

8.8CVSS5.8AI score0.00259EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/03 7:37 p.m.8 views

kernel: smb: client: validate the whole DACL before rewriting it in cifsacl

A flaw was found in the Linux kernel's Server Message Block SMB client, specifically within the cifsacl functionality. A malicious SMB server could provide a malformed Discretionary Access Control List DACL that claims to contain more Access Control Entries ACEs than are actually present. This...

8.8CVSS5.8AI score0.00259EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/28 1:35 p.m.15 views

kernel: smb: client: validate the whole DACL before rewriting it in cifsacl

A flaw was found in the Linux kernel's Server Message Block SMB client, specifically within the cifsacl functionality. A malicious SMB server could provide a malformed Discretionary Access Control List DACL that claims to contain more Access Control Entries ACEs than are actually present. This...

8.8CVSS5.8AI score0.00259EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/28 8:47 a.m.10 views

kernel: smb: client: validate the whole DACL before rewriting it in cifsacl

A flaw was found in the Linux kernel's Server Message Block SMB client, specifically within the cifsacl functionality. A malicious SMB server could provide a malformed Discretionary Access Control List DACL that claims to contain more Access Control Entries ACEs than are actually present. This...

8.8CVSS5.8AI score0.00259EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/28 2:41 a.m.8 views

kernel: smb: client: validate the whole DACL before rewriting it in cifsacl

A flaw was found in the Linux kernel's Server Message Block SMB client, specifically within the cifsacl functionality. A malicious SMB server could provide a malformed Discretionary Access Control List DACL that claims to contain more Access Control Entries ACEs than are actually present. This...

8.8CVSS5.8AI score0.00259EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-31709

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: validate the whole DACL before rewriting it in cifsacl buildsecdesc and idmodetocifsacl derive a DACL pointer from a server-supplied dacloffset and...

8.8CVSS7.3AI score0.00259EPSS
Exploits0References4
NVD
NVD
added 2026/05/01 2:16 p.m.4 views

CVE-2026-31709

In the Linux kernel, the following vulnerability has been resolved: smb: client: validate the whole DACL before rewriting it in cifsacl buildsecdesc and idmodetocifsacl derive a DACL pointer from a server-supplied dacloffset and then use the incoming ACL to rebuild the chmod/chown security...

8.8CVSS0.00259EPSS
Exploits0References19
CVE
CVE
added 2026/05/01 1:56 p.m.39 views

CVE-2026-31709

In the Linux kernel SMB client (cifsacl), CVE-2026-31709 arises from insufficient validation of a server-provided DACL when rewriting security descriptors. The fix extends structural validation to ensure the DACL header, size, and per-ACE bounds are checked before any rewrite paths (replace_sids_...

8.8CVSS5.8AI score0.00259EPSS
Exploits0References19Affected Software1
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the possibility of overflowing the u16 DACL size when performing operations on setposixaclentriesdacl a...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/21 12:0 a.m.35 views

CVE-2026-40706

In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfsbuildpermissionsposix in acls.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered on the READ path stat, readdir, open when...

8.4CVSS0.00165EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/09/09 7:8 p.m.3 views

CVE-2025-43786

Enumeration of ERC from object entry in Liferay Portal 7.4.0 through 7.4.3.128, and Liferay DXP 2024.Q3.0 through 2024.Q3.1, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12, 2023.Q4.0 and 7.4 GA through update 92 allow attackers to determine existent ERC in the application by exploit t...

6.9CVSS6.2AI score0.00285EPSS
Exploits0References1
OSV
OSV
added 2024/12/18 11:15 p.m.8 views

CVE-2024-56317

In Matter aka connectedhomeip or Project CHIP through 1.4.0.0, the WriteAcl function deletes all existing ACL entries first, and then attempts to recreate them based on user input. If input validation fails during decoding, the process stops, and no entries are restored by...

7.5CVSS7.1AI score
Exploits0References1
OpenVAS
OpenVAS
added 2021/09/24 12:0 a.m.19 views

Samba 4.0.0 Bypass Restriction Vulnerability (CVE-2013-0172)

Samba 4.0.0 as an AD DC may provide authenticated users with write access to LDAP directory objects. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

3.5CVSS6.3AI score0.02426EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2021/05/18 12:0 a.m.192 views

Microsoft ACL Shortcomings

Hi @ll, the following is a substantially shortened version of and Windows NT supports access control for almost all its objects, "How Security Descriptors and Access Control Lists Work" and "How Permissions Work" provide a comprehensive and exhaustive explanation. "Access Control Lists" provides ...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2013/02/21 6:59 p.m.7 views

389: denial of service when using certificate groups

see https://bugzilla.redhat.com/showbug.cgi?id=781519...

2.3CVSS5.8AI score0.00902EPSS
Exploits1References4
Prion
Prion
added 2013/01/17 9:55 p.m.24 views

Design/Logic Flaw

Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging 1...

3.5CVSS6.7AI score0.02426EPSS
Exploits0References1Affected Software1
Samba
Samba
added 2013/01/15 12:0 a.m.131 views

A Samba AD DC may provide authenticated users with

Description In AD, Access Control Entries can be assigned based on the objectClass of the object. If a user or a group the user is a member of has any access based on the objectClass, then that user has write access to that object. Additionally, if a user has write access to any attribute on the...

3.5CVSS7.6AI score0.02426EPSS
Exploits0
OSV
OSV
added 2012/08/16 10:38 a.m.1 views

UBUNTU-CVE-2012-4289

epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service loop and CPU consumption via a large number of ACL entries...

3.3CVSS7.1AI score0.01292EPSS
Exploits0References6
CVE
CVE
added 2007/02/16 12:0 a.m.55 views

CVE-2007-0968

CVE-2007-0968 affects Cisco Firewall Services Module (FWSM) prior to 2.3(4.7) and 3.x prior to 3.1(3.1). The issue is an improper evaluation of access control entries (ACE) in an ACL, allowing remote authenticated users to bypass intended protections. Connected sources confirm this is a vulnerabi...

9CVSS6.2AI score0.02045EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2007/02/16 12:0 a.m.21 views

CVE-2007-0968

Unspecified vulnerability in Cisco Firewall Services Module FWSM before 2.34.7 and 3.x before 3.13.1 causes the access control entries ACE in an ACL to be improperly evaluated, which allows remote authenticated users to bypass intended certain ACL protections...

6.2AI score0.02045EPSS
Exploits0References6
Rows per page
Query Builder