Lucene search
K

1785 matches found

RedHat Linux
RedHat Linux
added 2025/06/25 12:40 a.m.3 views

kernel: Kernel: Denial of Service via memory leak in SMB client

A flaw was found in the Linux kernel's Server Message Block SMB client. A local attacker with low privileges could exploit a memory leak in the cifssmb3domount function. This could lead to a Denial of Service DoS due to resource exhaustion...

5.5CVSS7.2AI score0.00145EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/06/25 12:18 a.m.4 views

kernel: Kernel: Denial of Service via memory leak in SMB client

A flaw was found in the Linux kernel's Server Message Block SMB client. A local attacker with low privileges could exploit a memory leak in the cifssmb3domount function. This could lead to a Denial of Service DoS due to resource exhaustion...

5.5CVSS7.2AI score0.00145EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/06/25 12:0 a.m.7 views

PT-2025-28872

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.16.0-rc3-build2+ 1301 Description: The Linux kernel contains a flaw within the SMB client implementation that can lead to a potential deadlock when reconnecting channels. Specifically, an incorrect lock order...

5.5CVSS6.4AI score0.00107EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.8 views

The vulnerability of the cifs_get_tcon_super() function in the fs/smb/client/cifsproto.h module of the SMB client support in Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the cifsgettconsuper function in the fs/smb/client/cifsproto.h module, which is part of the SMB client support in Linux kernel, relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

8.4CVSS6.5AI score0.00253EPSS
Exploits0References15Affected Software3
Amazon
Amazon
added 2025/06/23 12:0 a.m.9 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue CVE-2025-38000 In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Address reentrant enqueue adding class to eltree...

7.8CVSS6.8AI score0.00369EPSS
Exploits3
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.5 views

The vulnerability of the invalidate_all_cached_dirs() function in the fs/smb/client/cached_dir.c module, which is part of the SMB client kernel support for Linux operating systems, allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the invalidateallcacheddirs function in the fs/smb/client/cacheddir.c module of the SMB client kernel for Linux operating systems is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentialit...

7.8CVSS6.7AI score0.00229EPSS
Exploits0References15Affected Software3
SUSE CVE
SUSE CVE
added 2025/06/19 3:46 a.m.2 views

SUSE CVE-2022-49938

In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2negotiate In some cases of failure dialect mismatches in SMB2negotiate, after the request is sent, the checks would return -EIO when they should be rather setting rc = -EIO and jumping to negex...

3.3CVSS6.3AI score0.00146EPSS
Exploits0References10
OSV
OSV
added 2025/06/18 11:15 a.m.1 views

UBUNTU-CVE-2022-49938

In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2negotiate In some cases of failure dialect mismatches in SMB2negotiate, after the request is sent, the checks would return -EIO when they should be rather setting rc = -EIO and jumping to negex...

5.5CVSS6.2AI score0.00146EPSS
Exploits0References6
OSV
OSV
added 2025/06/18 10:15 a.m.13 views

AZL-64061 CVE-2025-38051 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifsfilldirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warning...

7CVSS6.8AI score0.00177EPSS
Exploits0References1
OSV
OSV
added 2025/06/18 10:15 a.m.1 views

DEBIAN-CVE-2025-38051

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifsfilldirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warning...

7CVSS6AI score0.00177EPSS
Exploits0References1
OSV
OSV
added 2025/06/18 10:15 a.m.1 views

UBUNTU-CVE-2025-38051

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifsfilldirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warning...

7CVSS6.4AI score0.00177EPSS
Exploits0References42
Vulnrichment
Vulnrichment
added 2025/06/18 9:33 a.m.3 views

CVE-2025-38051 smb: client: Fix use-after-free in cifs_fill_dirent

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifsfilldirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warning...

6.4AI score0.00177EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/06/18 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from cifs not freeing the memory pool in SMB2negotiate, which could lead to a memory leak...

5.5CVSS6.3AI score0.00146EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/06/18 12:0 a.m.7 views

The vulnerability of the SMB Client on Windows operating systems allows attackers to increase their privileges.

The vulnerability of the SMB Client for Windows operating systems is related to a potential overflow condition. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS5.5AI score0.00455EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: Fixed a use-after-free in cifsfilldirent. There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warning...

7CVSS6.5AI score0.00177EPSS
Exploits0References3
OSV
OSV
added 2025/06/10 5:21 p.m.2 views

CVE-2025-32718

Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00455EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/06/10 12:0 a.m.7 views

The vulnerability of the SMB service in the RouterOS operating system of MikroTik allows a hacker to cause a service failure.

The vulnerability of the SMB service in the RouterOS operating system from MikroTik relates to pointer dereferencing errors. Exploiting this vulnerability can allow a malicious actor to cause a service failure...

7.8CVSS5.5AI score0.00471EPSS
Exploits0References2Affected Software1
Amazon
Amazon
added 2025/06/10 12:0 a.m.8 views

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bpf: track changespktdata property for global functions CVE-2024-58098 In the Linux kernel, the following vulnerability has been resolved: bpf: check changespktdata property for extension programs CVE-2024-58100 I...

7.8CVSS6.6AI score0.00263EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2025/06/09 12:0 a.m.5 views

PT-2025-35984

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock situation can occur in the SMB/server component when smb2 create link is called with the ReplaceIfExists option set and the target file already exists. This happens because...

5.5CVSS6.1AI score0.00111EPSS
Exploits0
CNNVD
CNNVD
added 2025/05/29 12:0 a.m.4 views

MikroTik RouterOS 安全漏洞

MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to make it provide router functionality. A security vulnerability exists in MikroTik RouterOS version 6.40.5, which stems from a memory corruption in the SMB...

7.5CVSS6.7AI score0.00471EPSS
Exploits0References1
Rows per page
Query Builder