CVE-2026-6867

SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-6867

SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

Exploit for Improper Authentication in Microsoft

CVE-2026-24294 - Local NTLM Reflection LPE via SMB Arbitrary P...

Wireshark 安全漏洞

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

Wireshark 安全漏洞

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

PT-2026-36076

Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 Description A crash in the SMB2 protocol dissector allows for a denial of service. A dissector is a software component that breaks down network packets into a...

CVE-2026-5773

libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...

wrong reuse of SMB connection

libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...

CURL-CVE-2026-5773 wrong reuse of SMB connection

libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...

CVE-2026-31538

A flaw was found in the Linux kernel's Server Message Block SMB direct server. A race condition exists in the logic responsible for managing receive credits. This occurs because the system's method of counting posted receive input/output recvio and granted credits is susceptible to timing issues...

smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush()

...

smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list()

...

SUSE CVE-2026-31538

In the Linux kernel, the following vulnerability has been resolved: smb: server: make use of smbdirectsocket.recvio.credits.available The logic off managing recv credits by counting posted recvio and granted credits is racy. That's because the peer might already consumed a credit, but between...

SUSE CVE-2026-31608

In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free in smbdirectfreesendmsg after smbdirectflushsendlist smbdirectflushsendlist already calls smbdirectfreesendmsg, so we should not call it again after postsendmsg moved it to the batch list...

SUSE CVE-2026-31613

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB reads parsing symlink error response When a CREATE returns STATUSSTOPPEDONSYMLINK, smb2checkmessage returns success without any length validation, leaving the symlink parsers as the only defense against an...

CVE-2026-31612

A flaw was found in ksmbd, a Linux kernel module. A remote attacker can exploit this vulnerability by sending a specially crafted client request to the smb2getea function. Due to improper validation of the EaNameLength field, the system may leak uninitialized heap memory values, leading to...

CVE-2026-31609

A flaw was found in the Linux kernel's Server Message Block SMB client. This vulnerability, a double-free, occurs in the smbdfreesendio function after smbdsendbatchflush has already freed the memory. This memory corruption can lead to a denial of service DoS for the affected system. Mitigation To...

CVE-2026-31537

A flaw was found in the Linux kernel's Server Message Block SMB server. An attacker could exploit this vulnerability by triggering an immediate empty send operation, which would corrupt the stream of reassembled data transfer messages. This corruption could lead to data integrity issues or...

CVE-2026-31536

A flaw was found in the Linux kernel's Server Message Block SMB direct server implementation. This issue occurs during smbdirectsendbatch processing where requests without the IBSENDSIGNALED flag may be incorrectly handled when a connection is broken. This could lead to unexpected behavior relate...

CVE-2026-31535

A flaw was found in the Linux kernel. A race condition exists in the SMB client's receive credit management, specifically in how smbdirectsocket.recvio.credits.available are handled. This could lead to incorrect credit allocation, potentially causing instability or unexpected behavior within the...