Lucene search
K

3197 matches found

GithubExploit
GithubExploit
added 2026/06/03 12:15 a.m.196 views

Exploit for CVE-2026-46243

cifswitch-check A shell script to check whether a Linux syste...

7.8CVSS6AI score0.00353EPSS
Exploits4
AstraLinux
AstraLinux
added 2026/06/02 3:27 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: rejecting descriptions of cifs.spnego in user space Descriptions of cifs.spnego keys contain fields that carry authority, such as pid, uid, creduid, and upcalltarget. The cifs.upcall treats these fields as...

7.8CVSS6.4AI score0.00353EPSS
Exploits4References3
GithubExploit
GithubExploit
added 2026/06/02 11:39 a.m.258 views

Exploit for CVE-2026-46243

CIFSwitch Checker - CVE-2026-46243 Checker para Linux que p...

7.8CVSS5.8AI score0.00353EPSS
Exploits4
GithubExploit
GithubExploit
added 2026/06/02 11:39 a.m.126 views

Exploit for CVE-2026-46243

CIFSwitch Checker - CVE-2026-46243 Checker para Linux que p...

7.8CVSS5.8AI score0.00353EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.24 views

Linux Distros Unpatched Vulnerability : CVE-2026-46243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority- bearing fields such as pid, uid, creduid, and upcalltarge...

7.8CVSS6.7AI score0.00353EPSS
Exploits4References3
RedhatCVE
RedhatCVE
added 2026/06/01 5:27 p.m.20 views

CVE-2026-46243

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

7.8CVSS5.8AI score0.00353EPSS
Exploits4References5
NVD
NVD
added 2026/06/01 5:17 p.m.47 views

CVE-2026-46243

In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcalltarget that cifs.upcall treats as kernel-originating inputs. However,...

7.8CVSS0.00353EPSS
Exploits4References43
ATTACKERKB
ATTACKERKB
added 2026/06/01 4:22 p.m.14 views

CVE-2026-46243

In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcalltarget that cifs.upcall treats as kernel-originating inputs. However,...

5.8AI score0.00353EPSS
Exploits4References9Affected Software1
Cvelist
Cvelist
added 2026/06/01 4:22 p.m.47 views

CVE-2026-46243 smb: client: reject userspace cifs.spnego descriptions

In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcalltarget that cifs.upcall treats as kernel-originating inputs. However,...

7.1CVSS0.00353EPSS
Exploits4References8
EUVD
EUVD
added 2026/06/01 4:22 p.m.15 views

EUVD-2026-33668

In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcalltarget that cifs.upcall treats as kernel-originating inputs. However,...

7.8CVSS5.8AI score0.00353EPSS
Exploits4References8
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.3 views

The vulnerability of the cifs_get_spnego_key() function in the cifs.upcall tool of the cifs-utils package in Linux kernel allows a attacker to elevate their privileges to root and execute arbitrary code.

The vulnerability of the cifsgetspnegokey function in the cifs.upcall tool of the cifs-utils package in Linux kernel systems is related to the lack of authentication for the critical function. Exploiting this vulnerability can allow an attacker to elevate their privileges to root and execute...

8.8CVSS6AI score0.00353EPSS
Exploits4References22Affected Software12
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a denial-of-service attack in the user space for the cifs.spnego process. This vulnerability could lead...

7.8CVSS6.3AI score0.00353EPSS
Exploits4References10
OSV
OSV
added 2026/05/31 12:0 a.m.41 views

RLSA-2026:21706 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183 kernel: ALSA: firewire-motu: fix buffer...

7.8CVSS6.5AI score0.00514EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2026/05/30 12:0 a.m.12 views

RockyLinux 8 : kernel-rt (RLSA-2026:21745)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21745 advisory. kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...

9.4CVSS6AI score0.00514EPSS
Exploits0References37
Tenable Nessus
Tenable Nessus
added 2026/05/30 12:0 a.m.12 views

RockyLinux 9 : kernel (RLSA-2026:21556)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21556 advisory. kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setti...

9.4CVSS6.2AI score0.00514EPSS
Exploits0References39
RedHat Linux
RedHat Linux
added 2026/05/28 1:35 p.m.16 views

kernel: smb: client: validate the whole DACL before rewriting it in cifsacl

A flaw was found in the Linux kernel's Server Message Block SMB client, specifically within the cifsacl functionality. A malicious SMB server could provide a malformed Discretionary Access Control List DACL that claims to contain more Access Control Entries ACEs than are actually present. This...

8.8CVSS5.8AI score0.00259EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2026/05/28 12:0 a.m.24 views

kernel security update

4.18.0-553.126.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

9.4CVSS6.3AI score0.00514EPSS
Exploits0
AlmaLinux
AlmaLinux
added 2026/05/28 12:0 a.m.21 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...

9.4CVSS5.5AI score0.00514EPSS
Exploits0References40
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.10 views

Unity Linux 20.1060e / 20.1070e Security Update: cifs-utils (UTSA-2026-016660)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016660 advisory. A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host...

6.1CVSS6.6AI score0.00642EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: TCP: fixed page frag corruption upon a page fault. Steffen reported a corruption of the TCP stream for HTTP requests served by the Apache web-server, using a CIFS mount-point and the corresponding file’s memory mapping. The root...

5.9CVSS6.3AI score0.00744EPSS
Exploits0References2
Rows per page
Query Builder