Lucene search
K

1784 matches found

Debian CVE
Debian CVE
added 2025/08/19 5:2 p.m.4 views

CVE-2025-38562

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference error in generateencryptionkey If client send two session setups with krb5 authenticate to ksmbd, null pointer dereference error in generateencryptionkey could happen. sess-PreauthHashValue is...

5.5CVSS5.3AI score0.07142EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/08/18 9:28 a.m.5 views

CVE-2025-38527

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifsoplockbreak A race condition can occur in cifsoplockbreak leading to a use-after-free of the cinode structure when unmounting: cifsoplockbreak cifsFileInfoputcfile cifsFileInfoputfinal...

7CVSS6.5AI score0.0015EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/08/18 5:17 a.m.8 views

CVE-2023-4130

In the Linux kernel, a flaw was found in the KSMBD server implementation when handling FILEFULLEAINFORMATION requests. The issue arises in the smb2setea function, where multiple smb2eainfo buffers are processed using the NextEntryOffset field. KSMBD incorrectly validated the length of the next...

5.5CVSS6.5AI score0.00224EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-38379

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning when reconnecting channel When reconnecting a channel in...

5.5CVSS5.9AI score0.00148EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/08/16 11:25 p.m.2 views

SUSE CVE-2023-4515

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate command request size In commit 2b9b8f3b68ed "ksmbd: validate command payload size", except for SMB2OPLOCKBREAKHE command, the request size of other commands is not checked, it's not expected. Fix it by add check f...

5.5CVSS6.7AI score0.00135EPSS
Exploits0References16
NVD
NVD
added 2025/08/16 2:15 p.m.5 views

CVE-2023-3867

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds read in smb2sesssetup ksmbd does not consider the case of that smb2 session setup is in compound request. If this is the second payload of the compound, OOB read issue occurs while processing the first...

7.1CVSS0.02838EPSS
Exploits0References4
OSV
OSV
added 2025/08/16 2:15 p.m.2 views

DEBIAN-CVE-2023-4515

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate command request size In commit 2b9b8f3b68ed "ksmbd: validate command payload size", except for SMB2OPLOCKBREAKHE command, the request size of other commands is not checked, it's not expected. Fix it by add check f...

5.5CVSS5.4AI score0.00135EPSS
Exploits0References1
OSV
OSV
added 2025/08/16 1:29 p.m.4 views

CVE-2023-3867 ksmbd: fix out of bounds read in smb2_sess_setup

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds read in smb2sesssetup ksmbd does not consider the case of that smb2 session setup is in compound request. If this is the second payload of the compound, OOB read issue occurs while processing the first...

7.1CVSS6.3AI score0.02838EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/08/16 1:27 p.m.10 views

CVE-2023-4130 ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix wrong next length validation of ea buffer in smb2setea There are multiple smb2eainfo buffers in FILEFULLEAINFORMATION request from client. ksmbd find next smb2eainfo using -NextEntryOffset of current smb2eainfo. ksmbd...

0.00224EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/08/16 1:27 p.m.6 views

CVE-2023-3865 ksmbd: fix out-of-bound read in smb2_write

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bound read in smb2write ksmbdsmb2checkmessage doesn't validate hdr-NextCommand. If -NextCommand is bigger than Offset + Length of smb2 write, It will allow oversized smb2 write length. It will cause OOB read in...

0.00374EPSS
Exploits0References4
OSV
OSV
added 2025/08/16 1:27 p.m.2 views

CVE-2023-3865 ksmbd: fix out-of-bound read in smb2_write

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bound read in smb2write ksmbdsmb2checkmessage doesn't validate hdr-NextCommand. If -NextCommand is bigger than Offset + Length of smb2 write, It will allow oversized smb2 write length. It will cause OOB read in...

7.1CVSS6.3AI score0.00374EPSS
Exploits0References7
OSV
OSV
added 2025/08/16 1:25 p.m.5 views

CVE-2023-4515 ksmbd: validate command request size

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate command request size In commit 2b9b8f3b68ed "ksmbd: validate command payload size", except for SMB2OPLOCKBREAKHE command, the request size of other commands is not checked, it's not expected. Fix it by add check f...

5.5CVSS6.3AI score0.00135EPSS
Exploits0References7
NVD
NVD
added 2025/08/16 12:15 p.m.4 views

CVE-2025-38527

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifsoplockbreak A race condition can occur in cifsoplockbreak leading to a use-after-free of the cinode structure when unmounting: cifsoplockbreak cifsFileInfoputcfile cifsFileInfoputfinal...

7.8CVSS0.0015EPSS
Exploits0References7
NVD
NVD
added 2025/08/16 12:15 p.m.5 views

CVE-2025-38523

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...

5.5CVSS0.00143EPSS
Exploits0References3
OSV
OSV
added 2025/08/16 12:15 p.m.1 views

DEBIAN-CVE-2025-38523

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...

5.5CVSS5.7AI score0.00143EPSS
Exploits0References1
OSV
OSV
added 2025/08/16 12:15 p.m.3 views

UBUNTU-CVE-2025-38527

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifsoplockbreak A race condition can occur in cifsoplockbreak leading to a use-after-free of the cinode structure when unmounting: cifsoplockbreak cifsFileInfoputcfile cifsFileInfoputfinal...

7.8CVSS6.5AI score0.0015EPSS
Exploits0References39
Cvelist
Cvelist
added 2025/08/16 11:12 a.m.7 views

CVE-2025-38527 smb: client: fix use-after-free in cifs_oplock_break

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifsoplockbreak A race condition can occur in cifsoplockbreak leading to a use-after-free of the cinode structure when unmounting: cifsoplockbreak cifsFileInfoputcfile cifsFileInfoputfinal...

0.0015EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/08/16 11:12 a.m.5 views

CVE-2025-38527

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifsoplockbreak A race condition can occur in cifsoplockbreak leading to a use-after-free of the cinode structure when unmounting: cifsoplockbreak cifsFileInfoputcfile cifsFileInfoputfinal...

7.8CVSS6.2AI score0.0015EPSS
Exploits0
Cvelist
Cvelist
added 2025/08/16 11:12 a.m.5 views

CVE-2025-38523 cifs: Fix the smbd_response slab to allow usercopy

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...

0.00143EPSS
Exploits0References3
OSV
OSV
added 2025/08/16 11:12 a.m.3 views

CVE-2025-38523 cifs: Fix the smbd_response slab to allow usercopy

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...

5.5CVSS6.4AI score0.00143EPSS
Exploits0References6
Rows per page
Query Builder