CVE-2025-8448

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB traffic between a valid user within the BMS network and the vulnerable products...

USN-7701-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - SMB network file system; - Bluetooth...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2019-11135: TSX Asynchronous Abort condition bsc1139073. CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL...

USN-7704-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-7701-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7701-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

USN-7704-2 linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...

CVE-2025-38562

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference error in generateencryptionkey If client send two session setups with krb5 authenticate to ksmbd, null pointer dereference error in generateencryptionkey could happen. sess-PreauthHashValue is...

CVE-2025-38527

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifsoplockbreak A race condition can occur in cifsoplockbreak leading to a use-after-free of the cinode structure when unmounting: cifsoplockbreak cifsFileInfoputcfile cifsFileInfoputfinal...

CVE-2023-4130

In the Linux kernel, a flaw was found in the KSMBD server implementation when handling FILEFULLEAINFORMATION requests. The issue arises in the smb2setea function, where multiple smb2eainfo buffers are processed using the NextEntryOffset field. KSMBD incorrectly validated the length of the next...

Linux Distros Unpatched Vulnerability : CVE-2025-38379

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning when reconnecting channel When reconnecting a channel in...

SUSE CVE-2023-4515

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate command request size In commit 2b9b8f3b68ed "ksmbd: validate command payload size", except for SMB2OPLOCKBREAKHE command, the request size of other commands is not checked, it's not expected. Fix it by add check f...

CVE-2023-3867

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds read in smb2sesssetup ksmbd does not consider the case of that smb2 session setup is in compound request. If this is the second payload of the compound, OOB read issue occurs while processing the first...

DEBIAN-CVE-2023-4515

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate command request size In commit 2b9b8f3b68ed "ksmbd: validate command payload size", except for SMB2OPLOCKBREAKHE command, the request size of other commands is not checked, it's not expected. Fix it by add check f...

CVE-2023-3867 ksmbd: fix out of bounds read in smb2_sess_setup

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds read in smb2sesssetup ksmbd does not consider the case of that smb2 session setup is in compound request. If this is the second payload of the compound, OOB read issue occurs while processing the first...

CVE-2023-4130 ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix wrong next length validation of ea buffer in smb2setea There are multiple smb2eainfo buffers in FILEFULLEAINFORMATION request from client. ksmbd find next smb2eainfo using -NextEntryOffset of current smb2eainfo. ksmbd...

CVE-2023-3865 ksmbd: fix out-of-bound read in smb2_write

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bound read in smb2write ksmbdsmb2checkmessage doesn't validate hdr-NextCommand. If -NextCommand is bigger than Offset + Length of smb2 write, It will allow oversized smb2 write length. It will cause OOB read in...

CVE-2023-3865 ksmbd: fix out-of-bound read in smb2_write

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bound read in smb2write ksmbdsmb2checkmessage doesn't validate hdr-NextCommand. If -NextCommand is bigger than Offset + Length of smb2 write, It will allow oversized smb2 write length. It will cause OOB read in...

CVE-2023-4515 ksmbd: validate command request size

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate command request size In commit 2b9b8f3b68ed "ksmbd: validate command payload size", except for SMB2OPLOCKBREAKHE command, the request size of other commands is not checked, it's not expected. Fix it by add check f...

CVE-2025-38527

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifsoplockbreak A race condition can occur in cifsoplockbreak leading to a use-after-free of the cinode structure when unmounting: cifsoplockbreak cifsFileInfoputcfile cifsFileInfoputfinal...

CVE-2025-38523

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...