PT-2026-34960

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double-free issue exists in the SMB server component. The function smb direct flush send list already invokes smb direct free sendmsg, leading to a second call to smb direct free sendm...

ksmbd: fix use-after-free and NULL deref in smb_grant_oplock()

...

CVE-2026-31476

A flaw was found in ksmbd in the Linux kernel. A remote attacker can exploit this vulnerability by sending a multichannel session binding request with an incorrect password. This improper handling of failed binding requests can cause an active session to expire, leading to a Denial of Service DoS...

CVE-2026-31444

A flaw was found in ksmbd, a component of the Linux kernel. This vulnerability involves a use-after-free and a NULL pointer dereference within the smbgrantoplock function during the oplock publication sequence. An attacker could potentially exploit these issues, leading to memory corruption. This...

CVE-2026-31444

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free and NULL deref in smbgrantoplock smbgrantoplock has two issues in the oplock publication sequence: 1 opinfo is linked into ci-moplist via opinfoadd before addleasegloballist is called. If...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013424)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013424 advisory. The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013442)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013442 advisory. An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of- bounds read and OOPS for SMB2WRITE, when there is a large...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013599)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013599 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb...

PT-2026-34381

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the ksmbd module occurs when a multichannel session binding request fails, such as due to an incorrect password. In these instances, the error path unconditionally sets the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010738)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010738 advisory. The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011392)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011392 advisory. A use-after-free flaw was found in smb2isstatusiotimeout in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010699)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010699 advisory. An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap- based buffer overflow in setntacldacl, related to use of...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010701)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010701 advisory. An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2TREECONNECT...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010754)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010754 advisory. An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2handlenegotiate error...

Exploit for CVE-2017-0144

No d...

Exploit for CVE-2017-0144

No d...

[SECURITY] Fedora 43 Update: smb4k-4.0.6-1.fc43

Smb4K is an SMB/CIFS share browser for KDE. It uses the Samba software suite to access the SMB/CIFS shares of the local network neighborhood. Its purpose is to provide a program that's easy to use and has as many features as possible...

Security update for freerdp

This update for freerdp fixes the following issues: Security fixes: CVE-2026-26271: Buffer overread in FreeRDP icon processing bsc1258979. CVE-2026-26955: Out-of-Bounds write in ClearCodec surface command handler bsc1258982. CVE-2026-26965: Out-of-bounds write in planar bitmap RLE decompression...

SUSE-SU-2026:1398-1 Security update for freerdp

This update for freerdp fixes the following issues: Security fixes: - CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing bsc1258979. - CVE-2026-26955: Out-of-bounds Write in freerdp bsc1258982. - CVE-2026-26965: Out-of-bounds Write in freerdp bsc1258985. - CVE-2026-31806: improper...

CVE-2026-39907

Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose an unauthenticated WCF SOAP endpoint on TCP port 1208 that accepts unsanitized file paths in the ReadLicense action's LFName parameter, allowing remote attackers to trigger SMB connections and leak NTLMv2...