1785 matches found
USN-7406-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-meta-raspi, linux-nvidia-tegra, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Network namespace; - Networking core; CVE-2024-26928, CVE-2024-56658,...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero CVE-2024-26982 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2reconnectserver CVE-2024-35870 In th...
Apple macOS 竞争条件问题漏洞
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS that originates from mounting a specially crafted SMB network share could result in system termination...
The vulnerability of the smb component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the smb component in the Linux operating system’s kernel is related to improper error handling in the smb3reconfigure function in fs/smb/client/fscontext.c. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the File Sharing function on the administrator web panel of microprogramming router software GL.iNet GL-MT3000 allows a hacker to read arbitrary files.
The vulnerability of the File Sharing function on the administrator web panel of the GL.iNet GL-MT3000 router software relates to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability could allow an attacker, operating remotely, to read arbitrary files...
CLSA-2025-1742471200 kernel: Fix of 19 CVEs
net: defer final 'struct net' free in netns dismantle CVE-2024-56658 - smb: client: fix potential deadlock when releasing mids CVE-2023-52757 - tcp/dccp: Don't use timerpending in reqskqueueunlink. CVE-2024-50154 - ALSA: 6fire: Release resources at card release CVE-2024-53239 - smb: client: fix...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26708: mptcp: fix inconsistent state on fastopen race bsc1222672. CVE-2024-40980: dropmonitor: replace spinlock by rawspinlock bsc1227937. CVE-2024-44974:...
smb: client: fix use-after-free of signing key
...
DEBIAN-CVE-2025-21844
In the Linux kernel, the following vulnerability has been resolved: smb: client: Add check for nextbuffer in receiveencryptedstandard Add check for the return value of cifsbufget and cifssmallbufget in receiveencryptedstandard to prevent null pointer dereference...
Sage 200 Spain 安全漏洞
Sage 200 Spain is a business management software from Sage. A security vulnerability exists in Sage 200 Spain versions prior to 2025.35.000, which stems from an SMB mandatory authentication vulnerability that could lead to an administrator-privileged user obtaining an NTLMv2-SSP hash by changing...
SUSE CVE-2025-21725
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to unset link speed It isn't guaranteed that NETWORKINTERFACEINFO::LinkSpeed will always be set by the server, so the client must handle any values and then prevent oopses like below from happening: Oops...
UBUNTU-CVE-2022-49366
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix reference count leak in smbcheckpermdacl The issue happens in a specific path in smbcheckpermdacl. When "id" and "uid" have the same value, the function simply jumps out of the loop without decrementing the reference...
The vulnerability in the implementation of the SMB protocol in the Mac OS allows a perpetrator to increase their privileges and execute arbitrary code.
The vulnerability of the SMB protocol implementation in the Mac OS is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: Fixed OOB issues when building SMB2IOCTL requests. When encryption is used, whether enforced by the server or when using the “seal” mount option, the client will squash all compound request buffers into a single iov ...
The vulnerability in the implementation of the SMB protocol on macOS operating systems allows a perpetrator to trigger a service failure.
The vulnerability of the SMB protocol implementation in macOS lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
CLSA-2025-1738671431 kernel: Fix of 43 CVEs
smb: client: fix use-after-free of signing key CVE-2024-53179 - smb: client: stop flooding dmesg in smb2calcsignature CVE-2024-53179 - smb3: fix oops in calculating shashsetkey CVE-2024-53179 - cifs: return correct error in -calcsignature CVE-2024-53179 - cifs: secmech: use shashdesc directly,...
Xerox Versalink 安全漏洞
Xerox VersaLink is a line of commercial printers from Xerox Corporation USA. A security vulnerability exists in Xerox Versalink that originates from access via the address book and can modify SMB/FTP settings, redirect scans and potentially capture credentials...
smb: Initialize cfid->tcon before performing network ops
...
ksmbd: fix use-after-free in SMB request handling
...
smb: client: fix possible double free in smb2_set_ea()
...