1851 matches found
UBUNTU-CVE-2023-32257
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2SESSIONSETUP and SMB2LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage th...
UBUNTU-CVE-2023-32252
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2LOGOFF commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to creat...
UBUNTU-CVE-2023-32258
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2LOGOFF and SMB2CLOSE commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this...
UBUNTU-CVE-2023-32247
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2SESSIONSETUP commands. The issue results from the lack of control of resource consumption. An attacker can leverage this vulnerability to create a...
Linux kernel 安全漏洞
Linux Kernel is a popular operating system. A resource exhaustion vulnerability exists in the Linux Kernel ksmbd handling SMB2SESSIONSETUP, which can be exploited by a remote attacker to submit a special request that can crash the system and cause a denial of service attack...
Linux kernel 安全漏洞
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from flaws in the handling of the SMB2LOGOFF and SMB2CLOSE commands, which lack proper locking when performing operations on objects, and...
Linux kernel 代码问题漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation. A security vulnerability exists in the Linux kernel that stems from flaws in the handling of the SMB2TREECONNECT and SMB2QUERYINFO commands, which lack proper validation of pointers before they are...
Linux kernel 代码问题漏洞
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel, which stems from a flaw in the handling of the SMB2LOGOFF command, which lacks proper validation of pointers before they are accessed, and which can b...
PT-2023-8703 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The issue is related to the improper validation of session id and tree id in compound requests in the Linux kernel's ksmbd module. Specifically, the smb2 get msg function in smb2 get...
Samba 安全漏洞
Samba is a standard Windows interoperability program suite for Linux and Unix. A security vulnerability exists in Samba that originates from incorrectly enforcing SMB2 packet signatures. An attacker could exploit this vulnerability to obtain or modify sensitive information...
SUSE CVE-2023-38430
An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read...
PT-2023-8786 · Samba +8 · Samba +8
Name of the Vulnerable Software and Affected Versions: Samba affected versions not specified Description: A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domai...
CVE-2023-38431
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdusize in ksmbdconnhandlerloop, leading to an out-of-bounds read...
DEBIAN-CVE-2023-38427
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemblenegcontexts...
DEBIAN-CVE-2023-38430
An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read...
AZL-27534 CVE-2023-38430 affecting package kernel for versions less than 5.15.122.1-2
An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read...
UBUNTU-CVE-2023-38431
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdusize in ksmbdconnhandlerloop, leading to an out-of-bounds read...
UBUNTU-CVE-2023-38430
An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read...
PT-2023-8718 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The issue is related to the ksmbd module in the Linux kernel, where an out-of-bounds condition occurs in the init smb2 rsp hdr function when handling the need neg parameter set to fals...
Linux kernel 缓冲区错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in versions of Linux kernel prior to 6.3.10, which stems from the fact that fs/smb/server/smb2misc.c does not validate the relationsh...