Lucene search
K

213 matches found

OSV
OSV
added 2025/06/19 8:15 p.m.6 views

USN-7585-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-gcp, linux-gcp-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

7.8CVSS6.8AI score0.00252EPSS
Exploits0References33
SUSE CVE
SUSE CVE
added 2025/06/19 3:42 a.m.2 views

SUSE CVE-2022-50076

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak on the deferred close xfstests on smb21 report kmemleak as below: unreferenced object 0xffff8881767d6200 size 64: comm "xfsio", pid 1284, jiffies 4294777434 age 20.789s hex dump first 32 bytes: 80 5a d0 11 8...

5.5CVSS6.4AI score0.00154EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/06/18 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from cifs not freeing the memory pool in SMB2negotiate, which could lead to a memory leak...

5.5CVSS6.3AI score0.00146EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/05/27 12:0 a.m.6 views

The vulnerability of the parse_mf_symlink() function in the fs/cifs/link.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the parsemfsymlink function in the fs/cifs/link.c module of the Linux operating system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.8CVSS6.8AI score0.00312EPSS
Exploits0References16Affected Software10
OSV
OSV
added 2025/05/19 9:7 p.m.8 views

CLSA-2025-1747688831 kernel: Fix of 20 CVEs

drm/dpmst: Ensure mstprimary pointer is valid in drmdpmsthandleupreq CVE-2024-57798 - block: Fix handling of offline queues in blkmqallocrequesthctx CVE-2022-49720 - drm: nv04: Fix out of bounds access CVE-2024-27008 - parport: Proper fix for array out-of-bounds access CVE-2024-50074 - Bluetooth:...

7.8CVSS6.8AI score0.03558EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/05/09 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unchecked server pointer in cifs could lead to a null pointer dereference...

5.5CVSS6.5AI score0.00232EPSS
Exploits0References8
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.8 views

cifs: Fix integer overflow while processing acdirmax mount option

...

5.5CVSS7.3AI score0.00178EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/05/03 2:51 a.m.2 views

SUSE CVE-2023-53052

In the Linux kernel, the following vulnerability has been resolved: cifs: fix use-after-free bug in refreshcacheworker The UAF bug occurred because we were putting DFS root sessions in cifsumount while DFS cache refresher was being executed. Make DFS root sessions have same lifetime as DFS tcons ...

7CVSS6.6AI score0.00158EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2025/05/02 2:3 a.m.5 views

SUSE CVE-2025-23143

In the Linux kernel, the following vulnerability has been resolved: net: Fix null-ptr-deref by socklockinitclassandname and rmmod. When I ran the repro 0 and waited a few seconds, I observed two LOCKDEP splats: a warning immediately followed by a null-ptr-deref. 1 Reproduction Steps: 1 Mount CIFS...

5.5CVSS6.3AI score0.00176EPSS
Exploits0References3
OSV
OSV
added 2025/04/28 3:4 p.m.7 views

USN-7468-1 linux-azure-nvidia vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 Attila Szász discovered that the HFS+ file system...

9.1CVSS7AI score0.03558EPSS
Exploits9References740
RedHat Linux
RedHat Linux
added 2025/04/16 7:59 p.m.7 views

kernel: cifs: fix potential double free during failed mount

A flaw was found in the Linux kernel's CIFS code in which a failed mount might lead to a double-free. An attacker with permissions to attempt to mount CIFS volumes could exploit this vulnerability to alter kernel memory, leading to a denial of service, altered system memory, or an escalation of...

7.8CVSS6.8AI score0.00291EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/04/14 10:51 a.m.6 views

kernel: cifs: fix potential double free during failed mount

A flaw was found in the Linux kernel's CIFS code in which a failed mount might lead to a double-free. An attacker with permissions to attempt to mount CIFS volumes could exploit this vulnerability to alter kernel memory, leading to a denial of service, altered system memory, or an escalation of...

7.8CVSS6.8AI score0.00291EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2025/04/08 7:0 a.m.7 views

cifs.upcall makes an upcall to the wrong namespace in containerized environments

...

5.9CVSS7.1AI score0.00149EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/04/04 2:58 a.m.7 views

SUSE CVE-2025-21963

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acdirmax mount option User-provided mount parameter acdirmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from seconds to jiffies...

5.5CVSS7.8AI score0.00178EPSS
Exploits0References18
Vulnrichment
Vulnrichment
added 2025/04/01 3:46 p.m.9 views

CVE-2025-21963 cifs: Fix integer overflow while processing acdirmax mount option

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acdirmax mount option User-provided mount parameter acdirmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from seconds to jiffies...

7.7AI score0.00178EPSS
Exploits0References6
OSV
OSV
added 2025/03/27 5:15 p.m.1 views

UBUNTU-CVE-2023-53006

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uncleared server-smbdconn in reconnect In smbddestroy, clear the server-smbdconn pointer after freeing the smbdconnection struct that it points to so that reconnection doesn't get confused...

5.5CVSS6.2AI score0.00189EPSS
Exploits0References9
OSV
OSV
added 2025/02/26 7:0 a.m.1 views

UBUNTU-CVE-2022-49058

In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning: arch/x86/crypto/poly1305glue.c:198 poly1305updatearch error: memcpy 'dctx-buf' too small 16 vs u32max It's caused because Smatch marks 'linklen' as...

7.8CVSS6.4AI score0.00312EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/01/31 12:0 a.m.3 views

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a resource management error vulnerability that stems from the fact that the cifsputtcpsession function may still be attempting to reconnect to a D...

5.5CVSS6.5AI score0.002EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/12/04 12:51 a.m.1 views

kernel: cifs: fix oops during encryption

An out-of-bounds memory access vulnerability exists in the linux kernel, such that A stack-allocated buffer backed by vmalloc was passed into crypto code scatterwalkmapandcopy → memcpy where a cross-page write occurred. This ended up hitting a read-only mapping, causing a page-level fault and...

5.5CVSS7.5AI score0.00096EPSS
Exploits0References5
OSV
OSV
added 2024/11/18 6:33 p.m.6 views

CLSA-2024-1731933167 kernel: Fix of 36 CVEs

smb: client: fix use-after-free in smb2queryinfocompound CVE-2023-52751 - smb: client: prevent new fids from being removed by laundromat CVE-2023-52751 - cifs: fix dentry lookups in directory handle cache CVE-2023-52751 - uprobe: avoid out-of-bounds memory access of fetching args CVE-2024-50067 -...

9.1CVSS7AI score0.01367EPSS
Exploits0References1
Rows per page
Query Builder