Lucene search
K

1853 matches found

Positive Technologies
Positive Technologies
added 2024/04/03 12:0 a.m.6 views

PT-2024-3839

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a potential use-after-free UAF vulnerability in the cifs stats proc write function of the Linux kernel's SMB client implementation. This vulnerability may allow a...

7.8CVSS5.5AI score0.00238EPSS
Exploits0
Amazon
Amazon
added 2024/04/01 12:0 a.m.6 views

Medium: kernel

Issue Overview: A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2parsecontexts function. Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts. CVE-2023-52434 In the Linux kernel, the following vulnerabili...

8CVSS7.3AI score0.00992EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/03/27 12:26 a.m.7 views

kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client

An out-of-bounds memory read flaw was found in receiveencryptedstandard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service...

7.4CVSS6.8AI score0.01982EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/03/27 12:15 a.m.4 views

kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client

An out-of-bounds memory read flaw was found in receiveencryptedstandard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service...

7.4CVSS6.8AI score0.01982EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2024/03/16 7:0 a.m.6 views

smb: client: fix potential OOBs in smb2_parse_contexts()

...

8CVSS7.3AI score0.00561EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/03/12 12:0 a.m.5 views

The vulnerability of the SMB2 packet signing mechanism in the Samba networking communication software allows a attacker to execute a type of “man-in-the-middle” attack.

The vulnerability of the SMB2 packet signing mechanism in the Samba network communication software is related to insufficient verification of data authenticity. Exploiting this vulnerability allows a malicious actor to act remotely...

5.9CVSS6.6AI score0.0039EPSS
Exploits0References7Affected Software6
RedHat Linux
RedHat Linux
added 2024/03/06 12:44 p.m.3 views

kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client

An out-of-bounds memory read flaw was found in receiveencryptedstandard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service...

7.4CVSS6.8AI score0.01982EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/03/06 12:44 p.m.5 views

kernel: Out-Of-Bounds Read vulnerability in smbCalcSize

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information...

7.1CVSS7.2AI score0.00522EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2024/03/06 4:34 a.m.2 views

SUSE CVE-2023-52572

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifsdemultiplexthread There is a UAF when xfstests on cifs: BUG: KASAN: use-after-free in smb2isnetworknamedeleted+0x27/0x160 Read of size 4 at addr ffff88810103fc08 by task cifsd/923 CPU: 1 PID: 923 Comm: cifsd...

7.6AI score0.00225EPSS
Exploits0References12
Amazon
Amazon
added 2024/03/06 12:0 a.m.7 views

Important: kernel-livepatch-5.10.205-195.804

Issue Overview: An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 netfilter: nftables: Reject tables of unsupported family; While creating a new netfilter table, lack of a safeguard against invalid nftables family pf values within nftablesnewtable...

7.8CVSS6.4AI score0.01982EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2024/03/04 12:0 a.m.4 views

The vulnerability of SMB microprogramming software for network interfaces and Zyxel USG and Zyxel VPN devices allows a perpetrator to cause service failures.

The vulnerability of SMB microprogramming services for network interfaces and Zyxel USG and Zyxel VPN devices relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.8CVSS5.9AI score
Exploits0References1
OSV
OSV
added 2024/03/02 10:15 p.m.2 views

UBUNTU-CVE-2023-52572

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifsdemultiplexthread There is a UAF when xfstests on cifs: BUG: KASAN: use-after-free in smb2isnetworknamedeleted+0x27/0x160 Read of size 4 at addr ffff88810103fc08 by task cifsd/923 CPU: 1 PID: 923 Comm: cifsd...

7.8CVSS6.1AI score0.00225EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2024/02/28 12:0 a.m.3 views

PT-2024-1935 · Zyxel · Zyxel Usg +1

Name of the Vulnerable Software and Affected Versions: Zyxel USG and Zyxel VPN affected versions not specified Description: The issue is related to a buffer overflow in the memory of the SMB service in the firmware of Zyxel USG and Zyxel VPN firewalls and VPN devices. This can be exploited by a...

7.8CVSS7.7AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/02/28 12:0 a.m.4 views

Vulnerabilities of the functions smb2_get_ksmbd_tcon() and smb2_check_user_session() in Linux operating system kernels, allowing attackers to enhance their privileges

The vulnerabilities of the functions smb2getksmbdtcon and smb2checkusersession in Linux operating systems are related to improper elimination of special elements in the data request logic when processing parameters like id and tree id. Exploiting these vulnerabilities can allow a remote attacker ...

5.2CVSS6.6AI score0.17442EPSS
Exploits0References18Affected Software3
SUSE CVE
SUSE CVE
added 2024/02/23 3:21 a.m.2 views

SUSE CVE-2023-52441

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds in initsmb2rsphdr If client send smb2 negotiate request and then send smb1 negotiate request, initsmb2rsphdr is called for smb1 negotiate request since needneg is set to false. This patch ignore smb1...

7.8CVSS6.4AI score0.00378EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/21 12:0 a.m.3 views

Linux kernel security vulnerabilities

The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from an overflow in the ksmbddecodentlmsspauthblob function of ksmbd...

7.8CVSS8.4AI score0.36685EPSS
Exploits1References6
OSV
OSV
added 2024/02/20 6:15 p.m.6 views

AZL-35810 CVE-2023-52434 affecting package kernel for versions less than 5.15.153.1-1

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2parsecontexts Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts. This fixes following oops when accessing invalid create contexts from server: BUG: unabl...

8CVSS6.2AI score0.00561EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/02/20 12:31 p.m.10 views

kernel: OOB Access in smb2_dump_detail

An out-of-bounds read vulnerability was found in smb2dumpdetail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information...

7.1CVSS7.2AI score0.00427EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/02/20 12:0 a.m.1 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from an out-of-bounds access vulnerability in smb...

8CVSS6.4AI score0.00561EPSS
Exploits0References4
OSV
OSV
added 2024/02/09 11:38 a.m.9 views

CLSA-2024-1707478721 kernel: Fix of 11 CVEs

netfilter: nftables: reject QUEUE/DROP verdict parameters CVE-2024-1086 - RDMA/core: Refactor rdmabindaddr CVE-2023-2176 - RDMA/cma: Do not change route.addr.srcaddr outside state checks - RDMA/cma: Ensure rdmaaddrcancel happens before issuing more requests - drm/amdgpu: Fix potential fence...

7.8CVSS6.8AI score0.28058EPSS
Exploits16References1
Rows per page
Query Builder