Lucene search
K

213 matches found

RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.5 views

kernel: smb: client: fix use-after-free in smb2_query_info_compound()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in smb2queryinfocompound The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options...

7.8CVSS6.7AI score0.00241EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2024/11/12 8:0 a.m.9 views

cifs: Fix buffer overflow when parsing NFS reparse points

...

7.8CVSS7.1AI score0.00333EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2024/10/29 8:48 p.m.3 views

Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024122 fixes several issues. The following security issues were fixed: CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-35862:...

7.8CVSS8.3AI score0.00269EPSS
Exploits0References50
SUSE CVE
SUSE CVE
added 2024/10/24 3:18 a.m.8 views

SUSE CVE-2024-49996

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points ReparseDataLength is sum of the InodeType size and DataBuffer size. So to get DataBuffer size it is needed to subtract InodeType's size from ReparseDataLength. Function...

5.5CVSS6.8AI score0.00333EPSS
Exploits0References25
OSV
OSV
added 2024/10/21 6:15 p.m.3 views

UBUNTU-CVE-2024-49996

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points ReparseDataLength is sum of the InodeType size and DataBuffer size. So to get DataBuffer size it is needed to subtract InodeType's size from ReparseDataLength. Function...

7.8CVSS6.4AI score0.00333EPSS
Exploits0References44
SUSE Linux
SUSE Linux
added 2024/10/16 9:17 p.m.1 views

Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005536 fixes several issues. The following security issues were fixed: CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. CVE-2024-40954:...

7.8CVSS8.3AI score0.00269EPSS
Exploits0References20
OSV
OSV
added 2024/08/17 9:15 a.m.3 views

UBUNTU-CVE-2024-42307

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential null pointer use in destroyworkqueue in initcifs error path Dan Carpenter reported a Smack static checker warning: fs/smb/client/cifsfs.c:1981 initcifs error: we previously assumed 'serverclosewq' could be nul...

5.5CVSS6.5AI score0.0021EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2024/06/04 12:50 p.m.7 views

SUSE CVE-2022-0168

A denial of service DOS issue was found in the Linux kernel's smb2ioctlqueryinfo function in the fs/cifs/smb2ops.c Common Internet File System CIFS due to an incorrect return from the memdupuser function. This flaw allows a local, privileged CAPSYSADMIN attacker to crash the system...

4.4CVSS6.4AI score0.00261EPSS
Exploits0References20
RedHat Linux
RedHat Linux
added 2024/05/29 8:15 a.m.3 views

kernel: cifs: fix underflow in parse_server_interfaces()

In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parseserverinterfaces In this loop, we step through the buffer and after each item we check if the sizeleft is greater than the minimum size we need. However, the problem is that "bytesleft" is type ssizet...

6.7CVSS6.6AI score0.00407EPSS
Exploits0References5
OSV
OSV
added 2024/05/24 3:15 p.m.4 views

UBUNTU-CVE-2021-47544

In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP requests served by the apache web-server using a cifs mount-point and memory mapping the relevant file. The root cause is quite similar...

5.9CVSS6.4AI score0.00744EPSS
Exploits0References6
OSV
OSV
added 2024/05/19 9:15 a.m.1 views

DEBIAN-CVE-2024-35867

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifsstatsprocshow Skip sessions that are being teared down status == SESEXITING to avoid UAF...

7.8CVSS5.7AI score0.00265EPSS
Exploits0References1
OSV
OSV
added 2024/04/17 10:15 a.m.1 views

UBUNTU-CVE-2024-26828

In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parseserverinterfaces In this loop, we step through the buffer and after each item we check if the sizeleft is greater than the minimum size we need. However, the problem is that "bytesleft" is type ssizet...

6.7CVSS6.3AI score0.00407EPSS
Exploits0References25
Positive Technologies
Positive Technologies
added 2024/04/03 12:0 a.m.7 views

PT-2024-3839

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a potential use-after-free UAF vulnerability in the cifs stats proc write function of the Linux kernel's SMB client implementation. This vulnerability may allow a...

7.8CVSS5.5AI score0.00236EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/04/02 5:26 p.m.3 views

kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client

An out-of-bounds memory read flaw was found in receiveencryptedstandard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service...

7.4CVSS6.8AI score0.01999EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/03/27 12:26 a.m.7 views

kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client

An out-of-bounds memory read flaw was found in receiveencryptedstandard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service...

7.4CVSS6.8AI score0.01999EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/03/19 5:43 p.m.2 views

kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client

An out-of-bounds memory read flaw was found in receiveencryptedstandard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service...

7.4CVSS6.8AI score0.01999EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/03/13 9:11 a.m.4 views

kernel: use-after-free in smb2_is_status_io_timeout()

A use-after-free flaw was found in smb2isstatusiotimeout in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region,...

6.5CVSS6.8AI score0.01094EPSS
Exploits0References5
OSV
OSV
added 2024/03/02 10:15 p.m.11 views

AZL-54137 CVE-2023-52572 affecting package kernel for versions less than 5.15.182.1-1

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifsdemultiplexthread There is a UAF when xfstests on cifs: BUG: KASAN: use-after-free in smb2isnetworknamedeleted+0x27/0x160 Read of size 4 at addr ffff88810103fc08 by task cifsd/923 CPU: 1 PID: 923 Comm: cifsd...

7.8CVSS6.3AI score0.00231EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/02/07 4:33 p.m.2 views

kernel: smb2_ioctl_query_info NULL pointer dereference

A denial of service DOS issue was found in the Linux kernel’s smb2ioctlqueryinfo function in the fs/cifs/smb2ops.c Common Internet File System CIFS due to an incorrect return from the memdupuser function. This flaw allows a local, privileged CAPSYSADMIN attacker to crash the system...

4.4CVSS6.6AI score0.00261EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/01/30 12:29 p.m.4 views

kernel: use-after-free in smb2_is_status_io_timeout()

A use-after-free flaw was found in smb2isstatusiotimeout in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region,...

6.5CVSS6.6AI score0.01094EPSS
Exploits0References5
Rows per page
Query Builder