204 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-45924
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: call ksmbdvfskernpathendremoving on some error paths There are two places where ksmbdvfskernpathendremoving needs to be called in order to balance what t...
CVE-2026-45924
In the Linux kernel, the following vulnerability has been resolved: ksmbd: call ksmbdvfskernpathendremoving on some error paths There are two places where ksmbdvfskernpathendremoving needs to be called in order to balance what the corresponding successful call to ksmbdvfskernpathstartremoving has...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from certain incorrect paths in ksmbd that do not invoke the ksmbdvfskernpathendremoving function. Thi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Use the volume UUID in FSOBJECTIDINFORMATION. Use sb-suuid as the primary identifier for volumes. For file systems that do not provide a UUID, fallback to stfs.ffsid, which is obtained from vfsstatfs...
Astra Linux - уязвимость в linux-5.15
A vulnerability has been identified in the ksmbd component of the Linux kernel the kernel SMB/CIFS server. A security measure designed to prevent dictionary attacks—which introduces a 5-second delay during session setup—can be bypassed through the use of asynchronous requests. This bypass defeats...
Astra Linux - уязвимость в linux-5.15
A issue was discovered in the Linux kernel before version 6.3.4. In the file fs/ksmbd/smb2pdu.c of ksmbd, there is a flaw where the UserName value is not properly checked. This occurs because the address of the security buffer is not taken into consideration, resulting in a out-of-bounds read...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Validates the mech token during session setup. If a client sends an invalid mech token in a session setup request, ksmbd validates it and reports an error if the token is invalid...
Astra Linux - уязвимость в linux-5.15
A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2LOGOFF and SMB2CLOSE commands. The issue arises from the lack of proper locking when performing operations on an object. An attacker can...
Linux Distros Unpatched Vulnerability : CVE-2026-43379
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix use-after-free in smblazyparentleasebreakclose opinfo pointer obtained via rcudereferencefp-fopinfo is being accessed after rcureadunlock has been...
CVE-2026-43490
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that...
Linux Distros Unpatched Vulnerability : CVE-2026-43490
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE...
UBUNTU-CVE-2026-8449
Rejected reason: This CVE ID has been rejected or withdrawn...
ksmbd 缓冲区错误漏洞
ksmbd is an open-source CIFS/SMB3 server created by Namjae Jeon for the Linux kernel. It implements the SMB/CIFS protocol within the kernel space, used for sharing files and IPC services over a network. ksmbd has a buffer error vulnerability, which stems from remote memory corruption in the ACL...
Exploit for CVE-2026-31717
CVE-2026-31717: ksmbd DHnC Durable-Handle Reconnect Access-Con...
Astra Linux - уязвимость в linux-5.15
A issue was discovered in ksmbd within the Linux kernel versions 5.15 through 5.18, prior to 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case of smb2write...
Astra Linux - уязвимость в linux-5.15
A issue was discovered in ksmbd within the Linux kernel versions 5.15 through 5.19, prior to 5.19.2. The file fs/ksmbd/smb2pdu.c omits a kfree call in certain error conditions during the smb2handlenegotiate process, resulting in a memory leak...
Astra Linux - уязвимость в linux-5.15
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2WRITE, when there is a large length in the zero DataOffset case...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: verifyremainingdatalength respects maxfragmentedrecvsize This issue is related to the check for dataoffset + datalength...
Linux Distros Unpatched Vulnerability : CVE-2026-31717
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user w...
Linux Distros Unpatched Vulnerability : CVE-2026-31711
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: server: fix activenumconn leak on transport allocation failure Commit 77ffbcac4e56 smb: server: fix leak of activenumconn in ksmbdtcpnewconnection address...