1784 matches found
SUSE-SU-2026:20015-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. - CVE-2025-37916: pdscore: remove write-after-free of clientid bsc1243474. -...
curl: Heap Buffer Over-Read via Malicious SMB Server READ_ANDX Response
================================================================================ DESCRIPTION: ================================================================================ Summary: I discovered a heap buffer over-read vulnerability in libcurl's SMB protocol implementation. A malicious SMB serv...
curl: Heap Buffer Over-Read via Malicious SMB Server READ_ANDX Response
================================================================================ DESCRIPTION: ================================================================================ Summary: I discovered a heap buffer over-read vulnerability in libcurl's SMB protocol implementation. A malicious SMB serv...
smb: client: fix memory leak in cifs_construct_tcon()
...
Exploit for CVE-2017-0144
No d...
AZL-72625 CVE-2025-68295 affecting package kernel for versions less than 6.6.119.3-1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix memory leak in cifsconstructtcon When having a multiuser mount with domain= specified and using cifscreds, cifssetcifscreds will end up setting @ctx-domainname, so it needs to be freed before leaving...
CVE-2025-68295
CVE-2025-68295 is a Linux kernel issue affecting the SMB CIFS client. When using multiuser mounts with domain= and cifscreds, the code path in cifs_set_cifscreds() ends up assigning the domain name to ctx->domainname, and this memory is not freed on exit from cifs_construct_tcon(), causing a m...
CVE-2025-68226
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix incomplete backport in cfidsinvalidationworker The previous commit bdb596ceb4b7 "smb: client: fix potential UAF in smb2closecachedfid" was an incomplete backport and missed one krefput call in...
PT-2025-51639
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's SMB client related to an incomplete backport in the cfids invalidation worker function. A previous commit aimed to address a potential use-after-free...
CVE-2023-53875
GOM Player 2.3.90.5360 contains a remote code execution vulnerability in its Internet Explorer component that allows attackers to execute arbitrary code through DNS spoofing. Attackers can redirect victims using a malicious URL shortcut and WebDAV technique to run a reverse shell with SMB server...
CVE-2023-53875 GOM Player 2.3.90.5360 Remote Code Execution via Insecure IE Component
GOM Player 2.3.90.5360 contains a remote code execution vulnerability in its Internet Explorer component that allows attackers to execute arbitrary code through DNS spoofing. Attackers can redirect victims using a malicious URL shortcut and WebDAV technique to run a reverse shell with SMB server...
CVE-2023-53875
GOM Player 2.3.90.5360 contains a remote code execution vulnerability in the Internet Explorer component. The issue can be triggered via DNS spoofing with a malicious URL shortcut and WebDAV, enabling an attacker to execute arbitrary code and potentially run a reverse shell with SMB server intera...
PT-2025-51293
Name of the Vulnerable Software and Affected Versions GOM Player version 2.3.90.5360 Description GOM Player has a remote code execution issue in its Internet Explorer component. An attacker can execute arbitrary code through DNS spoofing. The attack involves redirecting a victim using a malicious...
security-vulnerabilities-and-protection-measures
Security Vulnerabilities and Protection Measures Submitted...
SUSE CVE-2023-53794
In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2reconnectserver, because it will be released soon. Note that the exiting session will stay in server-smbseslist until i...
SUSE CVE-2025-40328
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2closecachedfid findorcreatecacheddir could grab a new reference after krefput had seen the refcount drop to zero but before cfidlistlock is acquired in smb2closecachedfid, leading to...
UBUNTU-CVE-2025-40328
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2closecachedfid findorcreatecacheddir could grab a new reference after krefput had seen the refcount drop to zero but before cfidlistlock is acquired in smb2closecachedfid, leading to...
CVE-2025-40328 smb: client: fix potential UAF in smb2_close_cached_fid()
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2closecachedfid findorcreatecacheddir could grab a new reference after krefput had seen the refcount drop to zero but before cfidlistlock is acquired in smb2closecachedfid, leading to...
CVE-2025-40328 smb: client: fix potential UAF in smb2_close_cached_fid()
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2closecachedfid findorcreatecacheddir could grab a new reference after krefput had seen the refcount drop to zero but before cfidlistlock is acquired in smb2closecachedfid, leading to...
CVE-2023-53794
In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2reconnectserver, because it will be released soon. Note that the exiting session will stay in server-smbseslist until i...