213 matches found
CVE-2023-53230
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning in cifssmb3domount This fixes the following warning reported by kernel test robot fs/smb/client/cifsfs.c:982 cifssmb3domount warn: possible memory leak of 'cifssb'...
UBUNTU-CVE-2023-53230
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning in cifssmb3domount This fixes the following warning reported by kernel test robot fs/smb/client/cifsfs.c:982 cifssmb3domount warn: possible memory leak of 'cifssb'...
[SECURITY] Fedora 41 Update: wireshark-4.4.9-1.fc41
Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...
cifs: fix potential memory leaks in session setup
...
cifs: fix underflow in parse_server_interfaces()
...
CVE-2025-38523
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...
UBUNTU-CVE-2025-38523
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...
CVE-2025-38523
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...
PT-2025-33566 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The handling of received data in the smbdirect client code uses copy to iter to copy data from the smbd response struct's packet trailer to a folioq buffer. When CONFIG HARDENED...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the cifs smbdresponse slab not being allowed to be copied by the user, which could cause the kernel to crash...
Ubuntu 14.04 LTS / 16.04 LTS : cifs-utils vulnerabilities (USN-7688-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7688-1 advisory. Aurlien Aptel discovered that cifs-utils invoked a shell when requesting a password. In certain environments, a local attacker could possibly...
Linux Distros Unpatched Vulnerability : CVE-2024-42256
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cifs: Fix server re-repick on subrequest retry When a subrequest is marked for needing retry...
Linux Distros Unpatched Vulnerability : CVE-2022-3595
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Linux Kernel. It has been rated as problematic. Affected by this issue is the function sessfreebuffer of the file fs/cifs/sess.c of...
kernel: cifs: potential buffer overflow in handling symlinks
A buffer overflow vulnerability has been identified in the Linux kernel's Common Internet File System CIFS module, specifically within the parsemfsymlink function. This flaw is caused by insufficient input validation on the linklen value, which dictates the length of a symbolic link. An attacker...
CLSA-2025-1753298320 kernel: Fix of 16 CVEs
Bluetooth: Fix use after free in hcisendacl CVE-2022-49111 - NFSv4/pnfs: Fix a use-after-free bug in open CVE-2022-50072 - NFSv4: Don't hold the layoutget locks across multiple RPC calls CVE-2022-50072 - net: qrtr: start MHI channel after endpoit creation CVE-2022-50044 - tty: ngsm: add sanity...
USN-7655-1 linux-intel-iotg-5.15 vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...
USN-7605-1 linux, linux-aws, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
The vulnerability of the `cifs_close_deferred_file()` function in the fs/cifs/misc.c module of the Linux kernel’s file system support module allows a attacker to cause a service failure.
The vulnerability of the cifsclosedeferredfile function in the fs/cifs/misc.c module of the Linux kernel’s file system support module is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
USN-7591-3 linux-intel-iot-realtime, linux-realtime vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...
USN-7585-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-gcp, linux-gcp-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...