585 matches found
CVE-2026-3805
When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...
CVE-2026-23220
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix infinite loop caused by nextsmb2rcvhdroff reset in error paths The problem occurs when a signed request fails smb2 signature verification check. In processrequest, if checksignreq returns an error, setsmb2rspstatuswork...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the ksmbdvfsgetattr function in smb2open, resulting in the failure to release the...
CVE-2025-71150 ksmbd: Fix refcount leak when invalid session is found on session lookup
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup When a session is found but its state is not SMB2SESSIONVALID, It indicates that no valid session was found, but it is missing to decrement the reference...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: smb: Client: Fixed a potential Use-After-Free issue in smb2closecachedfid. findorcreatecacheddir might acquire a new reference after krefput. This occurs when the reference count drops to zero, but before cfidlistlock is acquired...
UBUNTU-CVE-2023-54250
In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decodepreauthctxt Confirm that the accessed pnegctxt-HashAlgorithms address sits within the SMB request boundary; deassemblenegcontexts only checks that the eight byte smb2negcontext header +...
CVE-2022-50859 cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATENEGOTIATEINFO message Commit d5c7076b772a "smb3: add smb3.1.1 to default dialect list" extend the dialects from 3 to 4, but forget to decrease the extended length when specific the dialect,...
SUSE-SU-2026:20012-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. - CVE-2025-37916: pdscore: remove write-after-free of clientid bsc1243474. -...
SUSE-SU-2026:20021-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. - CVE-2025-37916: pdscore: remove write-after-free of clientid bsc1243474. -...
SUSE CVE-2025-40320
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential cfid UAF in smb2queryinfocompound When smb2queryinfocompound retries, a previously allocated cfid may have been freed in the first attempt. Because cfid wasn't reset on replay, later cleanup could act o...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Added freetransport operations in ksmbd connections. The freetransport function for TCP connections can be called from smdbdirect. This could lead to a kernel error. This patch adds freetransport operations in ksmbd...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: smb: client: fixed a potential deadlock that could occur when reconnecting channels. Fixed the function cifssignalcifsdforreconnect to follow the correct lock order and prevent the following deadlock from occurring:...
PT-2025-41473
Name of the Vulnerable Software and Affected Versions Newforma Info Exchange NIX affected versions not specified Description Newforma Info Exchange NIX contains a flaw in the '/RemoteWeb/IntegrationServices.ashx' endpoint. An unauthenticated, remote attacker can exploit this to force NIX to...
EUVD-2018-1066
Malware in sbrugna...
EUVD-2018-1278
Malware in sbrugna...
EUVD-2018-1067
Malware in sbrugna...
EUVD-2019-3557
Malware in sbrugna...
EUVD-2004-1169
Malware in sbrugna...
EUVD-2019-1542
Malware in sbrugna...
EUVD-2016-5007
Malware in sbrugna...