1796 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from insufficient validation of SMB request boundaries, which could lead to out-of-bounds access...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from out-of-bounds access to the ksmbd initsmb2rsphdr function...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992211)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992211 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix warning and UAF when destroy the MR list If the MR allocate failed, the MR recovery wor...
Linux Distros Unpatched Vulnerability : CVE-2023-54260
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbddestroy will directly...
CVE-2023-53990
In the Linux kernel, the following vulnerability has been resolved: SMB3: Add missing locks to protect deferred close file list cifsdeldeferredclose function has a critical section which modifies the deferred close file list. We must acquire deferredlock before calling cifsdeldeferredclose functi...
SUSE CVE-2023-54076
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix missed ses refcounting Use new cifssmbsesincrefcount helper to get an active reference of @ses and @ses-dfsrootses if set. This will prevent @ses-dfsrootses of being put in the next call to cifsputsmbses and thus...
CVE-2023-54076 smb: client: fix missed ses refcounting
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix missed ses refcounting Use new cifssmbsesincrefcount helper to get an active reference of @ses and @ses-dfsrootses if set. This will prevent @ses-dfsrootses of being put in the next call to cifsputsmbses and thus...
CVE-2023-53990
In the Linux kernel, the following vulnerability has been resolved: SMB3: Add missing locks to protect deferred close file list cifsdeldeferredclose function has a critical section which modifies the deferred close file list. We must acquire deferredlock before calling cifsdeldeferredclose functi...
CVE-2023-53990
In the Linux kernel, the following vulnerability has been resolved: SMB3: Add missing locks to protect deferred close file list cifsdeldeferredclose function has a critical section which modifies the deferred close file list. We must acquire deferredlock before calling cifsdeldeferredclose functi...
CVE-2023-53990 SMB3: Add missing locks to protect deferred close file list
In the Linux kernel, the following vulnerability has been resolved: SMB3: Add missing locks to protect deferred close file list cifsdeldeferredclose function has a critical section which modifies the deferred close file list. We must acquire deferredlock before calling cifsdeldeferredclose functi...
CVE-2023-53990
CVE-2023-53990 pertains to the Linux kernel SMB3/cifs path. The issue arises from missing synchronization when modifying the deferred close file list inside cifs_del_deferred_close, creating a potential data race. The root cause is a missing acquire of the deferred_lock around the critical sectio...
SUSE-SU-2026:20015-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. - CVE-2025-37916: pdscore: remove write-after-free of clientid bsc1243474. -...
curl: Heap Buffer Over-Read via Malicious SMB Server READ_ANDX Response
================================================================================ DESCRIPTION: ================================================================================ Summary: I discovered a heap buffer over-read vulnerability in libcurl's SMB protocol implementation. A malicious SMB serv...
curl: Heap Buffer Over-Read via Malicious SMB Server READ_ANDX Response
================================================================================ DESCRIPTION: ================================================================================ Summary: I discovered a heap buffer over-read vulnerability in libcurl's SMB protocol implementation. A malicious SMB serv...
smb: client: fix memory leak in cifs_construct_tcon()
...
Exploit for CVE-2017-0144
No d...
AZL-72625 CVE-2025-68295 affecting package kernel for versions less than 6.6.119.3-1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix memory leak in cifsconstructtcon When having a multiuser mount with domain= specified and using cifscreds, cifssetcifscreds will end up setting @ctx-domainname, so it needs to be freed before leaving...
CVE-2025-68295
CVE-2025-68295 is a Linux kernel issue affecting the SMB CIFS client. When using multiuser mounts with domain= and cifscreds, the code path in cifs_set_cifscreds() ends up assigning the domain name to ctx->domainname, and this memory is not freed on exit from cifs_construct_tcon(), causing a m...
CVE-2025-68226
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix incomplete backport in cfidsinvalidationworker The previous commit bdb596ceb4b7 "smb: client: fix potential UAF in smb2closecachedfid" was an incomplete backport and missed one krefput call in...
PT-2025-51639
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's SMB client related to an incomplete backport in the cfids invalidation worker function. A previous commit aimed to address a potential use-after-free...