SUSE CVE-2025-39932

In the Linux kernel, the following vulnerability has been resolved: smb: client: let smbddestroy call disableworksync&info-postsendcreditswork In smbddestroy we may destroy the memory so we better wait until postsendcreditswork is no longer pending and will never be started again. I actually just...

smb: client: let recv_done verify data_offset, data_length and remaining_data_length

...

smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work)

...

AZL-75327 CVE-2025-39932 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: smb: client: let smbddestroy call disableworksync&info-postsendcreditswork In smbddestroy we may destroy the memory so we better wait until postsendcreditswork is no longer pending and will never be started again. I actually just...

CVE-2025-39932 smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work)

In the Linux kernel, the following vulnerability has been resolved: smb: client: let smbddestroy call disableworksync&info-postsendcreditswork In smbddestroy we may destroy the memory so we better wait until postsendcreditswork is no longer pending and will never be started again. I actually just...

CVE-2025-39932

Summary of CVE-2025-39932 (Linux kernel) : The issue affects the SMB/CIFS path in the Linux kernel where smbd_destroy() could destroy memory if post_send_credits_work is still pending. The root cause is that rxe_post_recv could be invoked after rdma_destroy_qp() due to put_receive_buffer() trigge...

CVE-2025-39929 smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix smbdirectrecvio leak in smbdnegotiate error path During tests of another unrelated patch I was able to trigger this error: Objects remaining on kmemcacheshutdown...

CVE-2025-39929

CVE-2025-39929 affects the Linux kernel SMB client code, specifically a leak in smbdirect_recv_io within smbd_negotiate() error path. The vulnerability is mapped to a LOCAL attack, with MEDIUM overall CVSS (base 5.5) and HIGH impact on availability. The description in the initial document notes t...

EUVD-2025-29589

Malicious code in bioql PyPI...

EUVD-2025-31154

Malicious code in bioql PyPI...

EUVD-2025-25072

Malicious code in bioql PyPI...

EUVD-2025-25327

Malicious code in bioql PyPI...

EUVD-2022-26193

Malicious code in bioql PyPI...

EUVD-2025-27366

Malicious code in bioql PyPI...

USN-7798-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - SMB network file system; - Packet sockets; - Network traffic control; - VMware vSockets driver; ...

USN-7798-1 linux-azure vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - SMB network file system; - Packet sockets; - Network traffic control; - VMware vSockets driver; ...

kernel: smb: client: fix use-after-free in cifs_oplock_break

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifsoplockbreak A race condition can occur in cifsoplockbreak leading to a use-after-free of the cinode structure when unmounting: cifsoplockbreak cifsFileInfoputcfile cifsFileInfoputfinal...

IconEnvironmentDataBlock - Windows LNK File Special UNC Path NTLM Leak

This module creates a malicious Windows shortcut LNK file that specifies a special UNC path in IconEnvironmentDataBlock of Shell Link .LNK that can trigger an authentication attempt to a remote server. This can be used to harvest NTLM authentication credentials. When a victim browse to the locati...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...