Microsoft Windows SMB Server Denial of Service Vulnerability

Microsoft Windows SMB Server is a network file-sharing protocol from Microsoft. It allows applications on a computer to read and write files and request services from server programs on a computer network. A denial of service vulnerability exists in Microsoft Windows SMB Server, which is caused d...

Microsoft Windows SMB Server Elevation of Privilege Vulnerability (CNVD-2026-10680)

Microsoft Windows SMB Server is a network file-sharing protocol from Microsoft. It allows applications on a computer to read and write files and request services from server programs on a computer network. An elevation of privilege vulnerability exists in Microsoft Windows SMB Server due to...

Microsoft Windows SMB Server Elevation of Privilege Vulnerability (CNVD-2026-10681)

Microsoft Windows SMB Server is a network file-sharing protocol from Microsoft. It allows applications on a computer to read and write files and request services from server programs on a computer network. An elevation of privilege vulnerability exists in Microsoft Windows SMB Server, which can b...

Microsoft Windows SMB Server Elevation of Privilege Vulnerability (CNVD-2026-10679)

Microsoft Windows SMB Server is a network file-sharing protocol from Microsoft. It allows applications on a computer to read and write files and request services from server programs on a computer network. An elevation of privilege vulnerability exists in Microsoft Windows SMB Server due to...

MiracleLinux 4 : samba-3.6.23-45.AXS4 (AXSA:2017-2303:05)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2303:05 advisory. A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file...

ALSA-2026:0759 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: smb: client: Fix use-after-free in cifsfilldirent CVE-2025-38051 kernel: smb: client: let recvdone verify dataoffset, datalength and remainingdatalength CVE-2025-39933 kernel: drm/i915:...

MiracleLinux 4 : samba4-4.2.10-11.AXS4 (AXSA:2017-2304:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2304:03 advisory. It was found that samba did not enforce SMB signing when certain configuration options were enabled. A remote attacker could launch a...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003610)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003610 advisory. An issue was discovered in the Linux kernel before 5.0.10. SMB2negotiate in fs/cifs/smb2pdu.c has an out- of-bounds read because data structures are incompletely...

kernel: smb: client: Fix use-after-free in cifs_fill_dirent

A use-after-free flaw was found in cifsfilldirent in fs/cifs/readdir.c in smb client in the Linux Kernel. This flaw could allow an attacker to crash the system due to race problem. This vulnerability could even lead to a kernel information leak problem...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002106)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002106 advisory. Race condition in the smbsendrqst function in fs/cifs/transport.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service NULL pointer...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002235)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002235 advisory. Off-by-one error in the builduncpathtoroot function in fs/cifs/connect.c in the Linux kernel before 3.9.6 allows remote attackers to cause a denial of service memory...

CVE-2026-20926

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...

CVE-2026-20848

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...

kernel: smb: client: fix potential UAF in cifs_stats_proc_write()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifsstatsprocwrite Skip sessions that are being teared down status == SESEXITING to avoid UAF...

kernel: smb: client: fix race with concurrent opens in rename(2)

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix race with concurrent opens in rename2 Besides sending the rename request to the server, the rename process also involves closing any deferred close, waiting for outstanding I/O to complete as well as marking all...

kernel: smb: client: fix race with concurrent opens in rename(2)

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix race with concurrent opens in rename2 Besides sending the rename request to the server, the rename process also involves closing any deferred close, waiting for outstanding I/O to complete as well as marking all...

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 9 : kernel-rt (RHSA-2026:0534)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0534 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

MiracleLinux 3 : wireshark-1.0.15-1.4.0.1.AXS3 (AXSA:2011-109:02)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-109:02 advisory. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for...

CVE-2026-20927

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to deny service over a network...