kernel: smb: client: fix potential OOBs in smb2_parse_contexts()

A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2parsecontexts function. Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts...

kernel: smb: client: fix potential OOBs in smb2_parse_contexts()

A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2parsecontexts function. Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts...

kernel: smb: client: fix potential OOBs in smb2_parse_contexts()

A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2parsecontexts function. Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts...

kernel: smb: client: fix UAF in smb2_reconnect_server()

A flaw was found in the smb client in the Linux kernel. A potential use-after-free error was seen in the smb2reconnectserver function. This issue can lead to the crash of a client user session...

kernel: smb: client: fix UAF in smb2_reconnect_server()

A flaw was found in the smb client in the Linux kernel. A potential use-after-free error was seen in the smb2reconnectserver function. This issue can lead to the crash of a client user session...

DEBIAN-CVE-2024-39468

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix deadlock in smb2findsmbtcon Unlock cifstcpseslock before calling cifsputsmbses to avoid such deadlock...

UBUNTU-CVE-2024-39468

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix deadlock in smb2findsmbtcon Unlock cifstcpseslock before calling cifsputsmbses to avoid such deadlock...

CLSA-2024-1719231016 kernel: Fix of 52 CVEs

net: iptunnel: make sure to pull inner header in iptunnelrcv CVE-2024-26882 - tls: fix use-after-free on failed backlog decryption CVE-2024-26800 - tls: separate no-async decryption request handling from async CVE-2024-26584 - tls: decrement decryptpending if no async completion will be called...

The vulnerability of the cifsdebug_data_proc_show() function in the SMB protocol client implementation of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cifsdebugdataprocshow function in the fs/smb/client/cifsdebug.c module of the SMB protocol client implementation in Linux kernel relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentialit...

PT-2024-12778 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux Kernel ksmbd affected versions not specified Description: A flaw was found in the handling of SMB2 READ commands in the kernel ksmbd module. The issue results from not releasing memory after its effective lifetime. An attacker can...

CVE-2024-5269

Sonos Era 100 SMB2 Message Handling Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos Era 100 smart speakers. Authentication is not required to exploit this vulnerability. The...

CVE-2024-5267

Sonos Era 100 SMB2 Message Handling Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos Era 100 smart speakers. Authentication is not required to exploit this vulnerability. The...

CVE-2024-5256

Sonos Era 100 SMB2 Message Handling Integer Underflow Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos Era 100 smart speakers. Authentication is not required to exploit this vulnerabilit...

PT-2024-35377 · Sonos · Sonos Era 100

Name of the Vulnerable Software and Affected Versions: Sonos Era 100 affected versions not specified Description: This issue allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos Era 100 smart speakers. The specific flaw exists within the handling ...

The vulnerability of the smb2_reconnect_server() function in the Linux kernel-based SMB protocol client implementation allows a hacker to cause a service failure.

The vulnerability of the smb2reconnectserver function in the fs/smb/client/smb2pdu.c module of the SMB protocol client implementation in Linux operating systems is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a service...

The vulnerability of the cifs_stats_proc_show() function in the SMB protocol client implementation of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the cifsstatsprocshow function in the fs/smb/client/cifsdebug.c module of the SMB protocol client implementation in Linux operating systems is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to cause a service...

CLSA-2024-1716980332 Fix of 12 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26929 - scsi: qla2xxx: Fix double free of fcport CVE-url: https://ubuntu.com/security/CVE-2024-35997 - HID: i2c-hid: remove I2CHIDREADPENDING flag to prevent lock-up CVE-url: https://ubuntu.com/security/CVE-2023-52752 - smb: client: fix use-after-free...

CLSA-2024-1716980150 Fix of 12 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26929 - scsi: qla2xxx: Fix double free of fcport CVE-url: https://ubuntu.com/security/CVE-2024-35997 - HID: i2c-hid: remove I2CHIDREADPENDING flag to prevent lock-up CVE-url: https://ubuntu.com/security/CVE-2023-52752 - smb: client: fix use-after-free...

SUSE CVE-2023-52752

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifsdebugdataprocshow Skip SMB sessions that are being teared down e.g. @ses-sesstatus == SESEXITING in cifsdebugdataprocshow to avoid use-after-free in @ses. This fixes the following GPF wh...

USN-6786-1 netatalk vulnerabilities

It was discovered that Netatalk did not properly protect an SMB and AFP default configuration. A remote attacker could possibly use this issue to execute arbitrary code...