Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: a out-of-bounds error in initsmb2rsphdr has been fixed. If a client sends a SMB2 negotiate request and then a SMB1 negotiate request, initsmb2rsphdr is called for the SMB1 negotiate request, since needneg is set to false...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006728)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006728 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifsdemultiplexthread There is a UAF when xfstests on cifs: BUG: KASAN:...

CVE-2022-49938

In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2negotiate In some cases of failure dialect mismatches in SMB2negotiate, after the request is sent, the checks would return -EIO when they should be rather setting rc = -EIO and jumping to negex...

AZL-54137 CVE-2023-52572 affecting package kernel for versions less than 5.15.182.1-1

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifsdemultiplexthread There is a UAF when xfstests on cifs: BUG: KASAN: use-after-free in smb2isnetworknamedeleted+0x27/0x160 Read of size 4 at addr ffff88810103fc08 by task cifsd/923 CPU: 1 PID: 923 Comm: cifsd...

DEBIAN-CVE-2023-52441

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds in initsmb2rsphdr If client send smb2 negotiate request and then send smb1 negotiate request, initsmb2rsphdr is called for smb1 negotiate request since needneg is set to false. This patch ignore smb1...

UBUNTU-CVE-2023-52441

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds in initsmb2rsphdr If client send smb2 negotiate request and then send smb1 negotiate request, initsmb2rsphdr is called for smb1 negotiate request since needneg is set to false. This patch ignore smb1...

SUSE-SU-2020:2721-1 Security update for samba

This update for samba fixes the following issues: - ZeroLogon: An elevation of privilege was possible with some configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol MS-NRPC CVE-2020-1472, bsc1176579....

SUSE-SU-2020:2673-1 Security update for samba

This update for samba to version 4.10.17 fixes the following issues: - Fixed net command unable to negotiate SMB2; bsc1174120; - Update to 4.10.17 - CVE-2020-10745: Invalid DNS or NBT queries containing dots use several seconds of CPU each; bso14378; bsc1173160. - CVE-2020-10730: NULL de-referenc...

Important: kernel-livepatch-4.14.165-131.185

Issue Overview: An issue was discovered in the Linux kernel before 5.0.10. SMB2negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.CVE-2019-1591 Affected Packages: kernel-livepatch-4.14.165-131.185 Issue...

CVE-2019-15918

An issue was discovered in the Linux kernel before 5.0.10. SMB2negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21...