Lucene search
K

1841 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53271

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither...

6AI score0.00164EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.6 views

SUSE CVE-2026-53198

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on conn-asyncrequests via setupasyncwork, with cancelfn = smb2removeblockedlock and...

8.8CVSS5.6AI score0.00466EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/26 12:17 a.m.7 views

CVE-2026-53198

A flaw was found in ksmbd, a Linux kernel module that provides an in-kernel SMB server. An authenticated SMB client can trigger a use-after-free vulnerability by sending a double SMB2CANCEL request for the same asynchronous operation. This can lead to memory corruption, potentially allowing an...

8.8CVSS6.1AI score0.00466EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 11:54 p.m.6 views

CVE-2026-53010

A flaw was found in the Linux kernel's ksmbd component. During a durable reconnect process in the smb2open function, a reference to a durable file descriptor is prematurely dropped. This can lead to a use-after-free vulnerability, potentially resulting in system instability or a denial of service...

9.8CVSS5.8AI score0.00435EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53271

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither READONCE nor a NULL check. Both run from oplockbreak after opinfogetlist h...

0.00164EPSS
Exploits0References5
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53198

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on conn-asyncrequests via setupasyncwork, with cancelfn = smb2removeblockedlock and...

8.8CVSS5.6AI score0.00466EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.4 views

CVE-2026-53271

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither READONCE nor a NULL check. Both run from oplockbreak after opinfogetlist h...

5.6AI score0.00164EPSS
Exploits0
EUVD
EUVD
added 2026/06/25 8:39 a.m.7 views

EUVD-2026-39222

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither READONCE nor a NULL check. Both run from oplockbreak after opinfogetlist h...

5.7AI score0.00164EPSS
Exploits0References5
CVE
CVE
added 2026/06/25 8:39 a.m.9 views

CVE-2026-53271

The CVE-2026-53271 issue affects the Linux kernel ksmbd during oplock/lease break notifications (smb2_oplock_break_noti and smb2_lease_break_noti). The root cause is reading opinfo->conn into a local variable without READ_ONCE() and without a NULL check after opinfo_get_list() has dropped ci-&...

5.7AI score0.00164EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.29 views

CVE-2026-53198 ksmbd: fix use-after-free of a deferred file_lock on double SMB2_CANCEL

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on conn-asyncrequests via setupasyncwork, with cancelfn = smb2removeblockedlock and...

8.8CVSS0.00466EPSS
Exploits0References6
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53198

The CVE-2026-53198 issue affects ksmbd in the Linux kernel: a deferred byte-range lock (SMB2_LOCK) uses async_work with a cancel_fn (smb2_remove_blocked_lock) and cancel_argv pointing to a file_lock. If a second SMB2_CANCEL arrives before release_async_work(), the cancel callback can run again on...

8.8CVSS5.7AI score0.00466EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53046

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix use-after-free from async crypto on Qualcomm crypto engine ksmbdcryptmessage sets a NULL completion callback on AEAD requests and does not handle the...

9.8CVSS6AI score0.00531EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-53010

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix use-after-free in smb2open during durable reconnect In smb2open, the call to ksmbdputdurablefdfp drops the reference to the durable file descriptor...

9.8CVSS6AI score0.00435EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/24 8:45 p.m.7 views

CVE-2026-52944

A flaw was found in the Linux kernel's ksmbd component. This vulnerability allows a client to bypass intended permission restrictions by using the FSCTLSETSPARSE operation. Specifically, a client on a read-only share can modify a file's sparse attribute, and clients on writable shares can modify...

5.8AI score0.00165EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38864

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix durable fd leak on ClientGUID mismatch in durable v2 open ksmbdlookupfdcguid returns a ksmbdfile with its refcount incremented via ksmbdfpget. parsedurablehandlecontext in the DURABLEREQV2 case properly releases this...

6AI score0.00188EPSS
Exploits0References6
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-53010

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb2open during durable reconnect In smb2open, the call to ksmbdputdurablefdfp drops the reference to the durable file descriptor early during the durable reconnect process. If an error occurs...

9.8CVSS0.00435EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 4:29 p.m.6 views

EUVD-2026-38914

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free from async crypto on Qualcomm crypto engine ksmbdcryptmessage sets a NULL completion callback on AEAD requests and does not handle the -EINPROGRESS return code from async hardware crypto engines like the...

5.8AI score0.00531EPSS
Exploits0References7
CVE
CVE
added 2026/06/24 4:29 p.m.12 views

CVE-2026-53010

The CVE-2026-53010 vulnerability is in the Linux kernel ksmbd component. In smb2_open during a durable reconnect, a reference to the durable file descriptor is dropped too early (ksmbd_put_durable_fd(fp)), risking a use-after-free when error handling or scavenger access occurs (fp fields like cre...

9.8CVSS5.7AI score0.00435EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.28 views

CVE-2026-53010 ksmbd: fix use-after-free in smb2_open during durable reconnect

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb2open during durable reconnect In smb2open, the call to ksmbdputdurablefdfp drops the reference to the durable file descriptor early during the durable reconnect process. If an error occurs...

9.8CVSS0.00435EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: smb/server: The function ksmbdsessionrpcclose is called on the error path in the createsmb2pipe function. When the ksmbdiovpinrsp function fails, we should call ksmbdsessionrpcclose...

7.8CVSS5.7AI score0.0013EPSS
Exploits0References2
Rows per page
Query Builder