Lucene search
K

1785 matches found

SUSE Linux
SUSE Linux
added 2024/12/06 7:3 p.m.1 views

Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059153 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47598: schcake: do not call...

7.8CVSS8.5AI score0.01166EPSS
Exploits2References100
SUSE Linux
SUSE Linux
added 2024/12/06 2:3 p.m.1 views

Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059164 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47598: schcake: do not call...

7.8CVSS8.2AI score0.00614EPSS
Exploits0References48
CNNVD
CNNVD
added 2024/12/06 12:0 a.m.2 views

QNAP Systems SMB 安全漏洞

QNAP Systems SMB is a network file sharing protocol from China-based QNAP Systems. A security vulnerability exists in QNAP Systems SMB that stems from the inclusion of a SQL injection vulnerability...

10CVSS9.3AI score0.1005EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2024/12/05 8:39 p.m.2 views

Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memor...

7.8CVSS8.7AI score0.0094EPSS
Exploits1References136
SUSE Linux
SUSE Linux
added 2024/12/02 12:35 p.m.2 views

Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks bsc1229273. CVE-2023-52752: smb: client: fix...

7.8CVSS7.6AI score0.00278EPSS
Exploits0References20
OSV
OSV
added 2024/11/22 9:26 a.m.7 views

CLSA-2024-1732267577 kernel: Fix of 2 CVEs

net: bridge: xmit: make sure we have at least eth header len bytes CVE-2024-38538 - SUNRPC: Fix UAF in svctcplistendataready CVE-2023-52885 - Fix: Revert "smb: client: fix use-after-free bug in cifsdebugdataprocshow" double lock...

7.8CVSS6.8AI score0.00286EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/11/19 3:49 a.m.2 views

SUSE CVE-2024-50285

In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much memory through the "ksmbdworkcache". It will cause OOM issue. ksmbd has a credit mechanism but it can'...

5.5CVSS6.2AI score0.0026EPSS
Exploits0References3
OSV
OSV
added 2024/11/19 2:16 a.m.2 views

DEBIAN-CVE-2024-50285

In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much memory through the "ksmbdworkcache”. It will cause OOM issue. ksmbd has a credit mechanism but it can'...

5.5CVSS5.7AI score0.0026EPSS
Exploits0References1
OSV
OSV
added 2024/11/19 2:16 a.m.8 views

UBUNTU-CVE-2024-50286

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in ksmbdsmb2sessioncreate There is a race condition between ksmbdsmb2sessioncreate and ksmbdexpiresession. This patch add missing sessionstablelock while adding/deleting session from global session...

7.8CVSS6.6AI score0.00267EPSS
Exploits0References19
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from unchecked simultaneous SMB operations...

5.5CVSS6.6AI score0.0026EPSS
Exploits0References4
OSV
OSV
added 2024/11/18 6:33 p.m.5 views

CLSA-2024-1731933167 kernel: Fix of 36 CVEs

smb: client: fix use-after-free in smb2queryinfocompound CVE-2023-52751 - smb: client: prevent new fids from being removed by laundromat CVE-2023-52751 - cifs: fix dentry lookups in directory handle cache CVE-2023-52751 - uprobe: avoid out-of-bounds memory access of fetching args CVE-2024-50067 -...

9.1CVSS7AI score0.01367EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/11/18 10:15 a.m.3 views

CVE-2023-39176

A flaw was found within the parsing of SMB2 requests that have a transform header in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose...

7.5CVSS6.1AI score0.00663EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2024/11/18 10:15 a.m.8 views

CVE-2023-39179

A flaw was found within the handling of SMB2 read requests in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on...

7.5CVSS7AI score0.01095EPSS
Exploits0References4
OSV
OSV
added 2024/11/18 10:15 a.m.0 views

UBUNTU-CVE-2023-39176

A flaw was found within the parsing of SMB2 requests that have a transform header in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose...

7.5CVSS5.7AI score0.00663EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/11/17 12:0 a.m.7 views

The vulnerability in the implementation of the SMB protocol in Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the SMB protocol implementation in Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8CVSS5.5AI score0.62257EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/17 12:0 a.m.5 views

PT-2024-35625

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue has been reported in the Linux kernel, specifically in the SMB client, when using SMB2.1 + sign mounts. This occurs due to a race condition between tasks A and B,...

7.8CVSS5.4AI score0.00245EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/11/15 12:0 a.m.3 views

The vulnerability in the implementation of the Server Message Block (SMBv3) network protocol on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Server Message Block SMBv3 network protocol implementation in Windows operating systems is related to a memory reclamation error. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.1CVSS5.9AI score0.01418EPSS
Exploits0References3
OSV
OSV
added 2024/11/12 6:15 p.m.1 views

CVE-2024-43642

Windows SMB Denial of Service Vulnerability...

7.5CVSS5.8AI score0.62257EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.4 views

kernel: smb: client: guarantee refcounted children from parent session

The following vulnerability has been resolved in the Linux kernel: smb: client: Fix - Guarantee refcounted children from the parent session...

8.4CVSS7.1AI score0.00253EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.4 views

kernel: smb: client: fix potential UAF in smb2_is_network_name_deleted()

A use-after-free flaw was found in the Linux kernel in smb smb2isnetworknamedeleted when exiting a session. This flaw allows a local attacker to crash the system...

7.8CVSS6.8AI score0.00239EPSS
Exploits0References5
Rows per page
Query Builder