Lucene search
+L

1872 matches found

astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed issues with use-after-free and NULL dereferencing in smbgrantoplock. smbgrantoplock has two issues in the oplock publication sequence: 1 opinfo is linked into ci-moplist via opinfoadd before addleasegloballist is...

9.8CVSS5.9AI score0.0045EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

A issue was discovered in the Linux kernel before version 6.3.4. In the fs/ksmbd/connection.c file of ksmbd, there is an off-by-one error in memory allocation due to ksmbdsmb2checkmessage, which may lead to out-of-bounds access...

9.8CVSS6.8AI score0.01077EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2SESSIONSETUP commands. The issue arises due to the lack of proper locking when performing operations on an object. An attacker can exploit...

9CVSS6.8AI score0.02615EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The issue of a refcount leak causing resources not being released has been fixed. When ksmbdconnreleasingopinfo-conn returns true, the refcount was not decremented properly, resulting in a refcount leak. This prevents the...

5.5CVSS6.1AI score0.00135EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Validated EaNameLength in smb2getea The smb2getea function reads eareq-EaNameLength from the client request and passes it directly to strncmp as the comparison length. However, it does not verify that the length of the...

7.5CVSS6AI score0.00415EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a potential out-of-bounds write issue in getfileallinfo for compound requests. When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION, and the first command consumes nearly the entire...

8.8CVSS5.9AI score0.006EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.15

A issue was discovered in the Linux kernel before version 6.3.9. ksmbd does not validate the SMB request protocol ID, resulting in an out-of-bounds read...

9.1CVSS6.7AI score0.01059EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been fixed: ksmbd: Fixed an out-of-bounds write issue in smb2getea. smb2getea applies a 4-byte alignment padding using memset after writing each EA entry. The bounds check on buffreelen is performed before the memcpy operation, but the...

9.8CVSS6.1AI score0.00389EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Use checkaddoverflow to prevent overflow of the u16 DACL size. The functions setposixaclentriesdacl and setntacldacl accumulate the ACE sizes in u16 variables. When a file has many POSIX ACL entries, the accumulated size c...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: smb/server: The function ksmbdsessionrpcclose is called on the error path in the createsmb2pipe function. When the ksmbdiovpinrsp function fails, we should call ksmbdsessionrpcclose...

7.8CVSS6AI score0.0013EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a use-after-free in ksmbdclosefd, through the use of a durable scavenger mechanism. When a durable file handle persists after a session disconnection TCP connection closes without SMB2LOGOFF, sessionfdcheck sets...

9.8CVSS5.8AI score0.00356EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The hardcoded hdr2len parameter was replaced with the offsetof function in smb2calcmaxoutbuflen. After this commit e2b76ab8b5c9 "ksmbd: add support for read compound", the management of response buffers was changed to use ...

9.8CVSS5.2AI score0.00502EPSS
Exploits0References1
nessus
nessus
added 2026/05/20 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43379

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix use-after-free in smblazyparentleasebreakclose opinfo pointer obtained via rcudereferencefp-fopinfo is being accessed after rcureadunlock has been...

9.8CVSS7.1AI score0.00444EPSS
Exploits0References2
susecve
susecve
added 2026/05/16 1:11 a.m.11 views

SUSE CVE-2026-43490

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that...

5.5CVSS5.9AI score0.00408EPSS
Exploits0References3
osv
osv
added 2026/05/15 6:16 a.m.9 views

UBUNTU-CVE-2026-43490

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that...

8.8CVSS5.9AI score0.00408EPSS
Exploits0References7
ubuntucve
ubuntucve
added 2026/05/15 6:16 a.m.12 views

CVE-2026-43490

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that...

8.8CVSS5.9AI score0.00408EPSS
Exploits0References6
cvelist
cvelist
added 2026/05/15 5:15 a.m.56 views

CVE-2026-43490 ksmbd: validate inherited ACE SID length

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that...

8.8CVSS0.00408EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/05/15 5:15 a.m.22 views

CVE-2026-43490

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that...

8.8CVSS6AI score0.00408EPSS
Exploits0References6Affected Software1
euvd
euvd
added 2026/05/15 5:15 a.m.11 views

EUVD-2026-30503

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that...

6AI score0.00408EPSS
Exploits0References4
osv
osv
added 2026/05/15 5:15 a.m.2 views

CVE-2026-43490 ksmbd: validate inherited ACE SID length

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that...

8.8CVSS5.9AI score0.00408EPSS
Exploits0References8
Rows per page
Query Builder