210 matches found
CVE-2023-53794
In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2reconnectserver, because it will be released soon. Note that the exiting session will stay in server-smbseslist until i...
SUSE CVE-2022-50643
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscopyfilerange If the file is used by swap, before return -EOPNOTSUPP, should free the xid, otherwise, the xid will be leaked...
SUSE CVE-2023-53794
In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2reconnectserver, because it will be released soon. Note that the exiting session will stay in server-smbseslist until i...
Linux Distros Unpatched Vulnerability : CVE-2022-50643
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cifs: Fix xid leak in cifscopyfilerange If the file is used by swap, before return -EOPNOTSUPP, should free the xid, otherwise, the xid will be leaked...
CVE-2023-53794
In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2reconnectserver, because it will be released soon. Note that the exiting session will stay in server-smbseslist until i...
CVE-2022-50643
The CVE-2022-50643 issue affects the Linux kernel’s CIFS client and stems from an xid leak in cifs_copy_file_range() when the file is used by swap. The underlying bug could leave an xid allocated; the fix ensures the xid is freed before returning -EOPNOTSUPP, preventing leakage. Multiple connecte...
CVE-2022-50643
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscopyfilerange If the file is used by swap, before return -EOPNOTSUPP, should free the xid, otherwise, the xid will be leaked...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a cifs session state checking issue...
CVE-2023-53751
In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCPServerInfo::hostname TCPServerInfo::hostname may be updated once or many times during reconnect, so protect its access outside reconnect path as well and then prevent any potential...
CVE-2023-53751 cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname
In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCPServerInfo::hostname TCPServerInfo::hostname may be updated once or many times during reconnect, so protect its access outside reconnect path as well and then prevent any potential...
CVE-2023-53751
In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCPServerInfo::hostname TCPServerInfo::hostname may be updated once or many times during reconnect, so protect its access outside reconnect path as well and then prevent any potential...
PT-2025-49481
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the CIFS implementation related to the TCP Server Info::hostname component. Specifically, the hostname may be updated during reconnect attempts,...
kernel: cifs: fix oops during encryption
An out-of-bounds memory access vulnerability exists in the linux kernel, such that A stack-allocated buffer backed by vmalloc was passed into crypto code scatterwalkmapandcopy → memcpy where a cross-page write occurred. This ended up hitting a read-only mapping, causing a page-level fault and...
CVE-2025-40099
In the Linux kernel, the following vulnerability has been resolved: cifs: parsedfsreferrals: prevent oob on malformed input Malicious SMB server can send invalid reply to FSCTLDFSGETREFERRALS - reply smaller than sizeofstruct getdfsreferralrsp - reply with number of referrals smaller than...
Linux Distros Unpatched Vulnerability : CVE-2025-40099
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cifs: parsedfsreferrals: prevent oob on malformed input Malicious SMB server can send invalid reply to FSCTLDFSGETREFERRALS - reply smaller than sizeofstruct...
EUVD-2014-4205
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414511)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414511 advisory. A denial of service DOS issue was found in the Linux kernels smb2ioctlqueryinfo function in the fs/cifs/smb2ops.c Common Internet File System CIFS due to an incorrec...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986403)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986403 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifsgetroot When cifsgetroot fails during...
PT-2025-40756
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where a folio lock is leaked when fscache is in use and a cache hit occurs during a read operation. This occurs because the cifs readpage worker functi...
EUVD-2025-27882
Malicious code in bioql PyPI...