3197 matches found
Exploit for CVE-2026-46243
cifswitch-check A shell script to check whether a Linux syste...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: smb: client: rejecting descriptions of cifs.spnego in user space Descriptions of cifs.spnego keys contain fields that carry authority, such as pid, uid, creduid, and upcalltarget. The cifs.upcall treats these fields as...
Exploit for CVE-2026-46243
CIFSwitch Checker - CVE-2026-46243 Checker para Linux que p...
Exploit for CVE-2026-46243
CIFSwitch Checker - CVE-2026-46243 Checker para Linux que p...
Linux Distros Unpatched Vulnerability : CVE-2026-46243
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority- bearing fields such as pid, uid, creduid, and upcalltarge...
CVE-2026-46243
A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...
CVE-2026-46243
In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcalltarget that cifs.upcall treats as kernel-originating inputs. However,...
CVE-2026-46243
In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcalltarget that cifs.upcall treats as kernel-originating inputs. However,...
CVE-2026-46243 smb: client: reject userspace cifs.spnego descriptions
In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcalltarget that cifs.upcall treats as kernel-originating inputs. However,...
EUVD-2026-33668
In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcalltarget that cifs.upcall treats as kernel-originating inputs. However,...
The vulnerability of the cifs_get_spnego_key() function in the cifs.upcall tool of the cifs-utils package in Linux kernel allows a attacker to elevate their privileges to root and execute arbitrary code.
The vulnerability of the cifsgetspnegokey function in the cifs.upcall tool of the cifs-utils package in Linux kernel systems is related to the lack of authentication for the critical function. Exploiting this vulnerability can allow an attacker to elevate their privileges to root and execute...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a denial-of-service attack in the user space for the cifs.spnego process. This vulnerability could lead...
RLSA-2026:21706 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183 kernel: ALSA: firewire-motu: fix buffer...
RockyLinux 8 : kernel-rt (RLSA-2026:21745)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21745 advisory. kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...
RockyLinux 9 : kernel (RLSA-2026:21556)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21556 advisory. kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setti...
kernel: smb: client: validate the whole DACL before rewriting it in cifsacl
A flaw was found in the Linux kernel's Server Message Block SMB client, specifically within the cifsacl functionality. A malicious SMB server could provide a malformed Discretionary Access Control List DACL that claims to contain more Access Control Entries ACEs than are actually present. This...
kernel security update
4.18.0-553.126.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...
Unity Linux 20.1060e / 20.1070e Security Update: cifs-utils (UTSA-2026-016660)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016660 advisory. A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: TCP: fixed page frag corruption upon a page fault. Steffen reported a corruption of the TCP stream for HTTP requests served by the Apache web-server, using a CIFS mount-point and the corresponding file’s memory mapping. The root...