1772 matches found
CVE-2026-45972
A flaw was found in the Linux kernel's Server Message Block SMB client. This vulnerability, within the smb2openfile function, could allow an attacker to cause memory corruption due to improper handling of memory during file open operations. This could lead to system instability or potentially...
EUVD-2026-32256
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF and double free in smb2openfile Zero out @erriov and @errbuftype before retrying SMB2open to prevent an UAF bug if @data != NULL, otherwise a double free...
CVE-2026-45972
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF and double free in smb2openfile Zero out @erriov and @errbuftype before retrying SMB2open to prevent an UAF bug if @data != NULL, otherwise a double free...
SUSE CVE-2026-1933
A flaw was found in Samba's handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...
SUSE-SU-2026:2071-1 Security update for samba
This update for samba fixes the following issues - CVE-2026-2340: vfsworm does not block directory modification bsc1261158. - CVE-2026-3238: unauthenticated udp packet crashes AD DC nbt server bsc1261160. - CVE-2026-4408: Remote Code Execution in SAMR bsc1261163. - CVE-2026-4480: Unauthenticated...
ROS-20260526-73-0006
Vulnerability in python-relenv related to improper dynamic memory cleanup. Exploitation of the vulnerability allows a remote attacker to bypass security restrictions and cause a denial of service by sending specially crafted smb2 packets...
USN-8291-3 linux-lowlatency vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; - Netfilter; - iouring subsystem; CVE-2024-35862, CVE-2024-50060, CVE-2026-23274,...
USN-8291-2: Linux kernel (Low Latency) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; - Netfilter; - iouring subsystem; CVE-2024-35862, CVE-2024-50060, CVE-2026-23274,...
USN-8291-2 linux-lowlatency-hwe-5.15 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; - Netfilter; - iouring subsystem; CVE-2024-35862, CVE-2024-50060, CVE-2026-23274,...
Ubuntu Pro Realtime 22.04 LTS : Linux kernel (Intel IoTG Real-time) vulnerabilities (USN-8291-1)
The remote Ubuntu Pro Realtime 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8291-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
CLSA-2026-1779357790 curl: Fix of 2 CVEs
CVE-2026-5773: wrong reuse of SMB connection; disable connection reuse for SMBS so a subsequent transfer cannot wrongfully reuse a pooled connection to a different share - CVE-2026-6276: clear stale custom-Host cookiehost between requests on the same easy handle cookie leak across origins...
USN-8291-1: Linux kernel (Intel IoTG Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; - Netfilter; - iouring subsystem; CVE-2024-35862, CVE-2024-50060, CVE-2026-23274,...
USN-8291-1 linux-intel-iot-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; - Netfilter; - iouring subsystem; CVE-2024-35862, CVE-2024-50060, CVE-2026-23274,...
CLSA-2026-1779358120 Fix CVE(s): CVE-2026-5773
SECURITY UPDATE: wrong reuse of SMB connection - debian/patches/CVE-2026-5773.patch: disable connection reuse for SMBS in lib/smb.c. - CVE-2026-5773...
CLSA-2026-1779357791 Fix CVE(s): CVE-2026-5773
SECURITY UPDATE: libcurl may reuse the wrong connection for SMBS transfers, leading to access of an unintended SMB share with the same credentials. - debian/patches/CVE-2026-5773.patch: disable connection reuse for SMBS in lib/url.c by returning early from ConnectionExists when the requested...
CLSA-2026-1779357393 curl: Fix of CVE-2026-5773
CVE-2026-5773: disable connection reuse for SMBS to prevent libcurl from reusing a connection to the same server for a different SMB share...
CLSA-2026-1779357116 curl: Fix of CVE-2026-5773
CVE-2026-5773: disable connection reuse for SMBS to prevent libcurl from reusing a connection to the same server for a different SMB share...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: smb: client: avoid double-free in smbdfreesendio after smbdsendbatchflush smbdsendbatchFlush already calls smbdfreesendio; therefore, we should not call it again after smbdpostsend. It has been moved to the batch list...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix an off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value. However, eadata is located at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: smb: Client: Fixed an error in parsing OOB read responses for symlinks. When a CREATE command results in a STATUSSTOPPEDONSYMLINK status code, the smb2checkmessage function returns a success status without performing any lengt...