Linux Distros Unpatched Vulnerability : CVE-2023-29532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB...

PT-2025-32792 · Microsoft · Windows Smb +1

Name of the Vulnerable Software and Affected Versions: Windows SMB affected versions not specified Description: Concurrent execution using a shared resource with improper synchronization a 'race condition' in Windows SMB allows an unauthorized attacker to execute code over a network...

PT-2025-34059

Name of the Vulnerable Software and Affected Versions: SMB affected versions not specified Description: A vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB traffic between a valid user within the BMS network and th...

Linux Distros Unpatched Vulnerability : CVE-2025-22077

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert smb: client: fix TCP timers deadlock after rmmod This reverts commit e9f2517a3e18a54a3943c098d2226b245d488801. Commit e9f2517a3e18 smb: client: fix TCP...

Linux Distros Unpatched Vulnerability : CVE-2025-21844

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: Add check for nextbuffer in receiveencryptedstandard Add check for the return value of cifsbufget and cifssmallbufget in receiveencryptedstandard t...

PT-2025-36001

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's SMB3 implementation related to handling server interfaces during mounting to ksmbd. Specifically, a missing check in the parse server interfaces...

Linux Distros Unpatched Vulnerability : CVE-2019-15918

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 5.0.10. SMB2negotiate in fs/cifs/smb2pdu.c has an out- of-bounds read because data structures are incompletel...

Linux Distros Unpatched Vulnerability : CVE-2025-38244

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix potential deadlock when reconnecting channels Fix cifssignalcifsdforreconnect to take the correct lock order and prevent the following deadloc...

Linux Distros Unpatched Vulnerability : CVE-2025-37750

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix UAF in decryption with multichannel After commit f7025d861694 smb: client: allocate crypto only for primary server and commit b0abcd65ec54 smb:...

Linux Distros Unpatched Vulnerability : CVE-2022-47943

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of- bounds read and OOPS for SMB2WRITE, when there is a...

smb: Log an error when close_all_cached_dirs fails

...

smb: client: add NULL check in automount_fullpath

...

Linux Distros Unpatched Vulnerability : CVE-2025-38051

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: Fix use-after-free in cifsfilldirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has bee...

Linux Distros Unpatched Vulnerability : CVE-2023-38431

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's...

smb: client: Fix use-after-free in cifs_fill_dirent

...

USN-7685-3 linux-aws-fips, linux-azure-fips, linux-fips, linux-gcp-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - Ext4 file system; - SMB network file syste...

DEBIAN-CVE-2023-32256

A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue...

SUSE CVE-2025-38431

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix regression with native SMB symlinks Some users and customers reported that their backup/copy tools started to fail when the directory being copied contained symlink targets that the client couldn't parse - even...

MikroTik RouterOS 6.44 / 6.49.10 Denial of Service

MikroTik RouterOS versions 6.40.5 through 6.44 and 6.48.1 through 6.49.10 SMB denial of service exploit...

MS17-010

This repository is for public analysis of the MS17-010 vulnerability. The repository contains various PoCs Proof of Concept and exploits for the vulnerability, which affects the Windows SMB protocol. The vulnerability is a buffer overflow in the SMB protocol, allowing an attacker to execute...