81 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-4458
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found within the parsing of extended attributes in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied dat...
Linux Distros Unpatched Vulnerability : CVE-2023-39180
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found within the handling of SMB2READ commands in the kernel ksmbd module. The issue results from not releasing memory after its effective lifetime. ...
Linux Distros Unpatched Vulnerability : CVE-2023-39179
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found within the handling of SMB2 read requests in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied dat...
ROS-20250220-02
A vulnerability in the ksmbddecodentlmsspauthblob function of the ksmbd module of the Linux kernel is related to a heap-based buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
The vulnerability of the smb2_write() function in the fs/ksmbd/smb2pdu.c module allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the smb2write function in the fs/ksmbd/smb2pdu.c module is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from the ksmbdvfskernpathlocked function in the ksmbd module that does not recover the path buffer on error. Thi...
PT-2025-3620
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description The issue arises from ksmbd attempting to set atime and mtime via notify change without also setting ctime, resulting in a warning. This warning is triggered by the setattr copy function. The...
CVE-2024-50284
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix the missing xastore error check xastore can fail, it return xaerr-EINVAL if the entry cannot be stored in an XArray, or xaerr-ENOMEM if memory allocation failed, so check error for xastore to fix it...
CVE-2023-39180
A flaw was found within the handling of SMB2READ commands in the kernel ksmbd module. The issue results from not releasing memory after its effective lifetime. An attacker can leverage this to create a denial-of-service condition on affected installations of Linux. Authentication is not required ...
DEBIAN-CVE-2023-39180
A flaw was found within the handling of SMB2READ commands in the kernel ksmbd module. The issue results from not releasing memory after its effective lifetime. An attacker can leverage this to create a denial-of-service condition on affected installations of Linux. Authentication is not required ...
CVE-2023-39179
A flaw was found within the handling of SMB2 read requests in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on...
CVE-2023-39176
A flaw was found within the parsing of SMB2 requests that have a transform header in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose...
CVE-2023-39179
A flaw was found within the handling of SMB2 read requests in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on...
UBUNTU-CVE-2023-39179
A flaw was found within the handling of SMB2 read requests in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on...
CVE-2023-39180
CVE-2023-39180 affects the Linux kernel ksmbd module. The root cause is improper memory release after the memory’s lifetime in SMB2_READ handling, enabling a network-based DoS without authentication on systems with ksmbd enabled. Public details confirm impact as denial-of-service; no vendor patch...
CVE-2023-39179
A flaw was found within the handling of SMB2 read requests in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on...
CVE-2023-39180
A flaw was found within the handling of SMB2READ commands in the kernel ksmbd module. The issue results from not releasing memory after its effective lifetime. An attacker can leverage this to create a denial-of-service condition on affected installations of Linux. Authentication is not required ...
CVE-2023-4458
A flaw was found within the parsing of extended attributes in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on...
UBUNTU-CVE-2023-4458
A flaw was found within the parsing of extended attributes in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on...
CVE-2023-4458 Kernel: ksmbd: smb2_open out-of-bounds read information disclosure vulnerability
A flaw was found within the parsing of extended attributes in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on...