213 matches found

ATTACKERKB
added 2026/05/06 11:28 a.m., 6 views

CVE-2026-43215

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix locking usage for tcon fields. We used to use the cifs_tcp_ses_lock to protect a lot of objects that are not just the server, ses or tcon lists. We later introduced srv_lock, ses_lock and tc_lock to protect fields within the...

AI score: 5.8 | EPSS: 0.00298
Exploits: 0 | References: 6 | Affected Software: 1
Positive Technologies
added 2026/05/06 12:0 a.m., 12 views

PT-2026-37555

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the CIFS component where cifs_tcp_ses_lock was used to protect various objects, including tcon fields, instead of using more granular locks. This caused unnecessary...

CVSS: 8.8 | AI score: 7.6 | EPSS: 0.00298
Exploits: 0
CNNVD
added 2026/05/01 12:0 a.m., 10 views

Linux kernel security vulnerability

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect setting of the CIFS_MOUNT_POSIX_PATHS bit when mounting SMB1 under UNIX. This can lead to th...

CVSS: 5.5 | AI score: 5.8 | EPSS: 0.001
Exploits: 0 | References: 1
Positive Technologies
added 2026/04/30 12:0 a.m., 6 views

PT-2026-36090

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: In the CIFS (Common Internet File System) component, certain local variables were not properly reinitialized before a request was replayed. This occurred in several code locations where...

CVSS: 7.8 | AI score: 5.9 | EPSS: 0.00129
Exploits: 0
Tenable Nessus
added 2026/04/21 12:0 a.m., 6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010951)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010951 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_copy_file_range. If the file is used by swap, before return -EOPNOTSUPP,...

AI score: 5.8 | EPSS: 0.00168
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/17 12:0 a.m., 7 views

Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-007339)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007339 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: parse_dfs_referrals: prevent oob on malformed input. Malicious SMB server can send invalid rep...

AI score: 5.6 | EPSS: 0.00183
Exploits: 0 | References: 4
NVD
added 2026/03/25 11:16 a.m., 3 views

CVE-2026-23303

In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifs_set_cifscreds. When debug logging is enabled, cifs_set_cifscreds logs the key payload and exposes the plaintext username and password. Remove the debug log to avoid exposing...

CVSS: 5.5 | EPSS: 0.00123
Exploits: 0 | References: 8
Tenable Nessus
added 2026/01/22 12:0 a.m., 5 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-49996)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49996 advisory. - In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing N...

CVSS: 7.8 | AI score: 6.6 | EPSS: 0.00333
Exploits: 0 | References: 2
Tenable Nessus
added 2026/01/15 12:0 a.m., 2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002106)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002106 advisory. Race condition in the smb_send_rqst function in fs/cifs/transport.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service NULL pointer...

CVSS: 4.4 | AI score: 5.5 | EPSS: 0.00261
Exploits: 0 | References: 9
Tenable Nessus
added 2026/01/15 12:0 a.m., 4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002739)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002739 advisory. The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp that allows an attacker controlling a CIFS...

CVSS: 7.1 | AI score: 7.1 | EPSS: 0.0363
Exploits: 0 | References: 14
RedHat Linux
added 2026/01/14 12:29 a.m., 8 views

kernel: smb: client: Fix use-after-free in cifs_fill_dirent

A use-after-free flaw was found in cifs_fill_dirent in fs/cifs/readdir.c in smb client in the Linux Kernel. This flaw could allow an attacker to crash the system due to race problem. This vulnerability could even lead to a kernel information leak problem...

CVSS: 7 | AI score: 5.8 | EPSS: 0.00177
Exploits: 0 | References: 5
Tenable Nessus
added 2026/01/09 12:0 a.m., 9 views

Siemens Ruggedcom ROX Use After Free (CVE-2022-48919)

In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifs_get_root. When cifs_get_root fails during cifs_smb3_do_mount we call deactivate_locked_super which eventually will call delayed_free which will free the context. In this situation we shoul...

CVSS: 7.8 | AI score: 5.9 | EPSS: 0.00224
Exploits: 0 | References: 3
Tenable Nessus
added 2025/12/31 12:0 a.m., 4 views

Unity Linux 20.1060a Security Update: kernel (UTSA-2025-993135)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993135 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix warning and UAF when destroy the MR list. If the MR allocate failed, the MR recovery wor...

CVSS: 7.8 | AI score: 5.8 | EPSS: 0.0014
Exploits: 0 | References: 4
NVD
added 2025/12/30 1:16 p.m., 6 views

CVE-2023-54260

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed. If the MR allocate failed, the smb direct connection info is NULL, then smbd_destroy will directly return, then the connection info will be leaked. Let's set the smb...

EPSS: 0.00173
Exploits: 0 | References: 7
OSV
added 2025/12/30 1:16 p.m., 8 views

UBUNTU-CVE-2023-54280

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential race when tree connecting ipc. Protect access of TCP_Server_Info::hostname when building the ipc tree name as it might get freed in cifsd thread and thus causing an use-after-free bug in tree_connect_dfs_target. Als...

AI score: 5.7 | EPSS: 0.00167
Exploits: 0 | References: 6
Debian CVE
added 2025/12/30 12:23 p.m., 5 views

CVE-2023-54280

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential race when tree connecting ipc. Protect access of TCP_Server_Info::hostname when building the ipc tree name as it might get freed in cifsd thread and thus causing an use-after-free bug in tree_connect_dfs_target. Als...

AI score: 5.2 | EPSS: 0.00167
Exploits: 0
Debian CVE
added 2025/12/30 12:15 p.m., 4 views

CVE-2023-54260

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed. If the MR allocate failed, the smb direct connection info is NULL, then smbd_destroy will directly return, then the connection info will be leaked. Let's set the smb...

AI score: 5.3 | EPSS: 0.00173
Exploits: 0
CVE
added 2025/12/30 12:15 p.m., 12 views

CVE-2023-54260

CVE-2023-54260 — Linux kernel (CIFS): The vulnerability occurs when MR allocation fails during CIFS SMB direct connection handling; if the MR allocate fails and the smb direct connection info is NULL, smbd_destroy() returns early and leaks the connection info. The fix updates the shutdown path by...

AI score: 6.1 | EPSS: 0.00173
Exploits: 0 | References: 7
Debian CVE
added 2025/12/30 12:15 p.m., 10 views

CVE-2022-50859

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message. Commit d5c7076b772a "smb3: add smb3.1.1 to default dialect list" extend the dialects from 3 to 4, but forget to decrease the extended length when specific the dialect,...

AI score: 5.3 | EPSS: 0.00206
Exploits: 0
CNNVD
added 2025/12/30 12:0 a.m., 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to verify the validity of tcon-ses in cifs_oplock_break, which could lead to a null pointer dereference...

AI score: 5.8 | EPSS: 0.00168
Exploits: 0 | References: 5