ROS-20260113-7306

A vulnerability in the createleasebuf function of the SMB subsystem of the Linux kernel is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Microsoft Windows SMB Server 竞争条件问题漏洞

Microsoft Windows SMB Server is a network file-sharing protocol from Microsoft. It allows applications on a computer to read and write files and request services from server programs on a computer network. An elevation of privilege vulnerability exists in Microsoft Windows SMB Server due to...

Microsoft Windows SMB Server 竞争条件问题漏洞

Microsoft Windows SMB Server is a network file-sharing protocol from Microsoft. It allows applications on a computer to read and write files and request services from server programs on a computer network. An elevation of privilege vulnerability exists in Microsoft Windows SMB Server due to...

PT-2026-2538

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The smb2 set ea function, responsible for handling Extended Attributes EA, had incorrect buffer validation checks. These checks did not account for the size of the null terminator requir...

Microsoft Windows SMB Server 竞争条件问题漏洞

Microsoft Windows SMB Server is a network file-sharing protocol from Microsoft. It allows applications on a computer to read and write files and request services from server programs on a computer network. An elevation of privilege vulnerability exists in Microsoft Windows SMB Server, which can b...

ROS-20260113-7352

A vulnerability in the decryptrawdata function in the fs/smb/client/smb2ops.c module of the SMB subsystem of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of...

MiracleLinux 9 : kernel-5.14.0-570.58.1.el9_6 (AXSA:2025-11021:85)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11021:85 advisory. kernel: vsock/virtio: Validate length in packet header before skbput CVE-2025-39718 kernel: NFS: Fix filehandle bounds checking in nfsfhtodentry...

Multi-Regional Cloud Honeypot Dataset (MURHCAD)

This data article introduces a comprehensive, high-resolution honeynet dataset designed to support standalone analyses of global cyberattack behaviors. Collected over a continuous 72-hour window June 9 to 11, 2025 on Microsoft Azure, the dataset comprises 132,425 individual attack events captured...

CLSA-2026-1767867718 kernel: Fix of 16 CVEs

crypto: lzo - Fix compression buffer overrun CVE-2025-38068 - wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work CVE-2025-39863 - NFSD: Protect against send buffer overflow in NFSv2 READ CVE-2022-43945 - tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. CVE-2025-40186 - can:...

smb: client: fix use-after-free in crypt_message when using async crypto

...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000189)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000189 advisory. An issue was discovered in the Linux kernel before 5.0.10. SMB2negotiate in fs/cifs/smb2pdu.c has an out- of-bounds read because data structures are incompletely...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000296)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000296 advisory. An issue was discovered in the Linux kernel before 5.0.10. SMB2read in fs/cifs/smb2pdu.c has a use-after- free. NOTE: this was not fixed correctly in 5.0.10; see the...

PT-2026-27647

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the SMB2 implementation of the Linux kernel where uninitialized variables within the smb2 unlink function can lead to system crashes oops. Specifically, if SMB2 open ini...

PT-2026-8213

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the smb2 open file function within the SMB/client component of the Linux kernel. The issue occurs when directories are exported as read-only, and a CIFS mount is...

Unity Linux 20.1060a Security Update: kernel (UTSA-2025-993135)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993135 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix warning and UAF when destroy the MR list If the MR allocate failed, the MR recovery wor...

EUVD-2023-60381

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbddestroy will directly return, then the connection info will be leaked. Let's set the smb...

EUVD-2023-60391

In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decodepreauthctxt Confirm that the accessed pnegctxt-HashAlgorithms address sits within the SMB request boundary; deassemblenegcontexts only checks that the eight byte smb2negcontext header +...

CVE-2023-54250

In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decodepreauthctxt Confirm that the accessed pnegctxt-HashAlgorithms address sits within the SMB request boundary; deassemblenegcontexts only checks that the eight byte smb2negcontext header +...

CVE-2023-54260

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbddestroy will directly return, then the connection info will be leaked. Let's set the smb...