smb: Log an error when close_all_cached_dirs fails

...

smb: client: add NULL check in automount_fullpath

...

Linux Distros Unpatched Vulnerability : CVE-2025-38051

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: Fix use-after-free in cifsfilldirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has bee...

Linux Distros Unpatched Vulnerability : CVE-2023-38431

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's...

smb: client: Fix use-after-free in cifs_fill_dirent

...

USN-7685-3 linux-aws-fips, linux-azure-fips, linux-fips, linux-gcp-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - Ext4 file system; - SMB network file syste...

DEBIAN-CVE-2023-32256

A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue...

SUSE CVE-2025-38431

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix regression with native SMB symlinks Some users and customers reported that their backup/copy tools started to fail when the directory being copied contained symlink targets that the client couldn't parse - even...

MikroTik RouterOS 6.44 / 6.49.10 Denial of Service

MikroTik RouterOS versions 6.40.5 through 6.44 and 6.48.1 through 6.49.10 SMB denial of service exploit...

MS17-010

This repository is for public analysis of the MS17-010 vulnerability. The repository contains various PoCs Proof of Concept and exploits for the vulnerability, which affects the Windows SMB protocol. The vulnerability is a buffer overflow in the SMB protocol, allowing an attacker to execute...

CVE-2025-38431

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix regression with native SMB symlinks Some users and customers reported that their backup/copy tools started to fail when the directory being copied contained symlink targets that the client couldn't parse - even...

CVE-2025-38431 smb: client: fix regression with native SMB symlinks

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix regression with native SMB symlinks Some users and customers reported that their backup/copy tools started to fail when the directory being copied contained symlink targets that the client couldn't parse - even...

DEBIAN-CVE-2025-38379

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning when reconnecting channel When reconnecting a channel in smb2reconnectserver, a dummy tcon is passed down to smb2reconnect with -queryinterface uninitialized, so we can't call queuedelayedwork on it. Fix...

AZL-65780 CVE-2025-38379 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning when reconnecting channel When reconnecting a channel in smb2reconnectserver, a dummy tcon is passed down to smb2reconnect with -queryinterface uninitialized, so we can't call queuedelayedwork on it. Fix...

UBUNTU-CVE-2025-38379

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning when reconnecting channel When reconnecting a channel in smb2reconnectserver, a dummy tcon is passed down to smb2reconnect with -queryinterface uninitialized, so we can't call queuedelayedwork on it. Fix...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the mishandling of native SMB symbolic links by the smb client module, which could lead to the failure of...

VulnCheck KEV: CVE-2025-52488

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted series of malicious interaction to potentially expose NTLM hashes to a third party SMB server. This issue has been...

The vulnerability of the SMB protocol implementation of the IBM Storage Scale cluster file system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SMB protocol implementation in the IBM Storage Scale cluster file system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability in the implementation of the SMB protocol in Microsoft Windows operating systems allows a hacker to perform a spoofing attack.

The vulnerability of the SMB protocol implementation in Microsoft Windows is related to errors in the authentication process. Exploiting this vulnerability allows a malicious actor to perform a spoofing attack remotely...

CVE-2025-36104

IBM Storage Scale 5.2.3.0 and 5.2.3.1 could allow an authenticated user to obtain sensitive information from files due to the insecure permissions inherited through the SMB protocol...