CVE-2025-11696

A local server-side request forgery SSRF security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes...

CVE-2025-11696 Studio 5000 ® Simulation Interface SSRF

A local server-side request forgery SSRF security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes...

kernel: smb: client: Add check for next_buffer in receive_encrypted_standard()

In the Linux kernel, the following vulnerability has been resolved: smb: client: Add check for nextbuffer in receiveencryptedstandard Add check for the return value of cifsbufget and cifssmallbufget in receiveencryptedstandard to prevent null pointer dereference...

RockyLinux 9 : kernel (RLSA-2025:19105)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:19105 advisory. kernel: vsock/virtio: Validate length in packet header before skbput CVE-2025-39718 kernel: NFS: Fix filehandle bounds checking in nfsfhtodentry...

smb: client: fix UAF in decryption with multichannel

...

Oracle Linux 8 : kernel (ELSA-2025-19447)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-19447 advisory. - smb3: missing lock when picking channel Paulo Alcantara RHEL-109546 CVE-2024-35999 - smb: client: fix potential deadlock when reconnecting channels...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning when reconnecting channel When reconnecting a channel in smb2reconnectserver, a dummy tcon is passed down to smb2reconnect with -queryinterface uninitialized, so we can't call queuedelayedwork on it. Fix...

smb: client: Fix refcount leak for cifs_sb_tlink

...

EUVD-2025-36975

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix refcount leak for cifssbtlink Fix three refcount inconsistency issues related to cifssbtlink. Comments for cifssbtlink state that cifsputtlink needs to be called after successful calls to cifssbtlink. Three calls...

CVE-2025-40103

Summary: CVE-2025-40103 affects the Linux kernel CIFS client, where the refcount for cifs_sb_tlink can leak due to three missing refcount updates when calling cifs_sb_tlink()/cifs_put_tlink(). This can cause resource leaks. Root cause: refcount inconsistency in cifs_sb_tlink related paths. Impact...

CVE-2025-40103

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix refcount leak for cifssbtlink Fix three refcount inconsistency issues related to cifssbtlink. Comments for cifssbtlink state that cifsputtlink needs to be called after successful calls to cifssbtlink. Three calls...

Linux Distros Unpatched Vulnerability : CVE-2025-40103

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: Fix refcount leak for cifssbtlink Fix three refcount inconsistency issues related to cifssbtlink. Comments for cifssbtlink state that cifsputtlink...

smb: client: fix crypto buffers in non-linear memory

...

CVE-2025-40052

CVE-2025-40052 (Linux kernel, SMB/CIFS crypto path) fixes a bug where aead_request context could end up in vmalloc memory, causing sg_set_buf() to crash when virt_addr_valid(buf) fails under heavy parallel I/O. Root cause: creq allocation used kvzalloc(), potentially placing __ctx in vmalloc area...

CVE-2025-40052

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifssgsetbuf helper that converts vmalloc'd memory to their...

kernel security update

5.14.0-570.58.1.0.1 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

PT-2025-49449

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the Server Message Block SMB client implementation, specifically in the smb2 query info compound function. A use-after-free condition can occur wh...

Impacket 0.13.0

Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and, for some protocols e.g. SMB1-3 and MSRPC, the protocol implementation itself. Packets can be constructed from scratch, as well as parse...

USN-7835-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

SUSE SLES15 Security Update : kernel (SUSE-SU-2025:03615-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03615-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: ...