Lucene search
+L

1872 matches found

attackerkb
attackerkb
added 2026/05/08 2:21 p.m.6 views

CVE-2026-43379

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smblazyparentleasebreakclose opinfo pointer obtained via rcudereferencefp-fopinfo is being accessed after rcureadunlock has been called. This creates a race condition where the memory could be freed b...

9.8CVSS5.7AI score0.00444EPSS
Exploits0References6Affected Software1
debiancve
debiancve
added 2026/05/08 2:21 p.m.19 views

CVE-2026-43377

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Don't log keys in SMB3 signing and encryption key generation When KSMBDDEBUGAUTH logging is enabled, generatesmb3signingkey and generatesmb3encryptionkey log the session, signing, encryption, and decryption key bytes. Remo...

8.1CVSS5.7AI score0.00248EPSS
Exploits0
cve
cve
added 2026/05/08 2:21 p.m.24 views

CVE-2026-43377

CVE-2026-43377 affects ksmbd in the Linux kernel where, under KSMBD_DEBUG_AUTH logging, generate_smb3signingkey() and generate_smb3encryptionkey() log session, signing, encryption, and decryption key bytes. The issue allows potential information disclosure by exposing credentials through verbose ...

8.1CVSS5.8AI score0.00248EPSS
Exploits0References6Affected Software1
cvelist
cvelist
added 2026/05/08 2:21 p.m.40 views

CVE-2026-43377 ksmbd: Don't log keys in SMB3 signing and encryption key generation

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Don't log keys in SMB3 signing and encryption key generation When KSMBDDEBUGAUTH logging is enabled, generatesmb3signingkey and generatesmb3encryptionkey log the session, signing, encryption, and decryption key bytes. Remo...

8.1CVSS0.00248EPSS
Exploits0References6
osv
osv
added 2026/05/08 2:21 p.m.2 views

CVE-2026-43377 ksmbd: Don't log keys in SMB3 signing and encryption key generation

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Don't log keys in SMB3 signing and encryption key generation When KSMBDDEBUGAUTH logging is enabled, generatesmb3signingkey and generatesmb3encryptionkey log the session, signing, encryption, and decryption key bytes. Remo...

8.1CVSS6.6AI score0.00248EPSS
Exploits0References9
cvelist
cvelist
added 2026/05/08 2:21 p.m.38 views

CVE-2026-43376 ksmbd: fix use-after-free by using call_rcu() for oplock_info

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by using callrcu for oplockinfo ksmbd currently frees oplockinfo immediately using kfree, even though it is accessed under RCU read-side critical sections in places like opinfoget and procshowfiles. Sinc...

9.8CVSS0.00444EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/05/08 2:21 p.m.6 views

CVE-2026-43376

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by using callrcu for oplockinfo ksmbd currently frees oplockinfo immediately using kfree, even though it is accessed under RCU read-side critical sections in places like opinfoget and procshowfiles. Sinc...

9.8CVSS5.8AI score0.00444EPSS
Exploits0References6Affected Software1
debiancve
debiancve
added 2026/05/08 2:21 p.m.10 views

CVE-2026-43376

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by using callrcu for oplockinfo ksmbd currently frees oplockinfo immediately using kfree, even though it is accessed under RCU read-side critical sections in places like opinfoget and procshowfiles. Sinc...

9.8CVSS5.7AI score0.00444EPSS
Exploits0
ptsecurity
ptsecurity
added 2026/05/08 12:0 a.m.15 views

PT-2026-39038

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description When KSMBD DEBUG AUTH logging is enabled, the functions generate smb3signingkey and generate smb3encryptionkey log session, signing, encryption, and decryption key bytes, which can lead ...

8.1CVSS5.4AI score0.00248EPSS
Exploits0References18
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from ksmbd’s ability to record key bytes during SMB3 signature and encryption key generation, potentially...

8.1CVSS5.8AI score0.00248EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/05/08 12:0 a.m.10 views

PT-2026-39037

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ksmbd module. The system frees the oplock info structure immediately using kfree, while it is still being accessed under RCU Read-Copy-Update read-si...

9.8CVSS6.5AI score0.00817EPSS
Exploits4References116
nvd
nvd
added 2026/05/06 12:16 p.m.6 views

CVE-2026-43185

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix signededness bug in smbdirectpreparenegotiation smbdirectpreparenegotiation casts an unsigned u32 value from sp-maxrecvsize and req-preferredsendsize to a signed int before computing mintint, .... A maliciously provide...

9.8CVSS0.00622EPSS
Exploits0References3
cve
cve
added 2026/05/06 11:27 a.m.27 views

CVE-2026-43185

In Linux kernel ksmbd, a signedness bug in smb_direct_prepare_negotiation() casts unsigned __u32 values from sp->max_recv_size and req->preferred_send_size to signed int before min_t(). A crafted preferred_send_size of 0x80000000 can be treated as smaller than max_recv_size, enabling a subs...

9.8CVSS5.8AI score0.00622EPSS
Exploits0References3Affected Software1
osv
osv
added 2026/05/06 11:27 a.m.3 views

CVE-2026-43185 ksmbd: fix signededness bug in smb_direct_prepare_negotiation()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix signededness bug in smbdirectpreparenegotiation smbdirectpreparenegotiation casts an unsigned u32 value from sp-maxrecvsize and req-preferredsendsize to a signed int before computing mintint, .... A maliciously provide...

9.8CVSS5.9AI score0.00622EPSS
Exploits0References6
nessus
nessus
added 2026/05/06 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-43185

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix signededness bug in smbdirectpreparenegotiation smbdirectpreparenegotiation casts an unsigned u32 value from sp-maxrecvsize and req-preferredsendsize...

9.8CVSS7.2AI score0.00622EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/05/06 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a symbolic error in the smbdirectpreparenegotiation function within ksmbd. This vulnerability may...

9.8CVSS6.1AI score0.00622EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/05/06 12:0 a.m.15 views

PT-2026-37525

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A signedness bug exists in the smb direct prepare negotiation function. The function casts unsigned u32 values from sp-max recv size and req-preferred send size to signed integers before...

9.8CVSS6AI score0.09796EPSS
Exploits9References113
githubexploit
githubexploit
added 2026/05/04 10:3 p.m.172 views

Exploit for CVE-2026-31717

CVE-2026-31717: ksmbd DHnC Durable-Handle Reconnect Access-Con...

8.8CVSS5.8AI score0.00437EPSS
Exploits1
mscve
mscve
added 2026/05/02 8:4 a.m.7 views

ksmbd: fix out-of-bounds write in smb2_get_ea() EA alignment

...

9.8CVSS5.8AI score0.00389EPSS
Exploits0
susecve
susecve
added 2026/05/02 1:25 a.m.16 views

SUSE CVE-2026-31704

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use checkaddoverflow to prevent u16 DACL size overflow setposixaclentriesdacl and setntacldacl accumulate ACE sizes in u16 variables. When a file has many POSIX ACL entries, the accumulated size can wrap past 65535, causin...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References3
Rows per page
Query Builder