Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a potential deadlock when an smb client reconnects to the channel...

Security update for samba

This update for samba fixes the following issues: CVE-2025-0620: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session bsc1244136. Other bugfixes: net ad join fails with "Failed to join domain: failed to create kerberos keytab" bsc1238063. Patch Instructions:...

AZL-64692 CVE-2025-38208 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: smb: client: add NULL check in automountfullpath page is checked for null in buildpathfromdentryoptionalprefix when tcon-originfullpath is not set. However, the check is missing when it is set. Add a check to prevent a potential...

The vulnerability of the smb2pdu.c component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the smb2pdu.c component in the Linux operating system’s kernel is related to improper control of resource identifiers. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability of the ksmbd component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ksmbd component in the Linux operating system’s kernel is related to reading data beyond the allowed buffer size. Exploiting this vulnerability can allow an attacker to cause a service failure...

USN-7608-2 linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Memory management; - Netfilter; - Network traffic control; CVE-2025-37890...

kernel: Kernel: Denial of Service via memory leak in SMB client

A flaw was found in the Linux kernel's Server Message Block SMB client. A local attacker with low privileges could exploit a memory leak in the cifssmb3domount function. This could lead to a Denial of Service DoS due to resource exhaustion...

kernel: Kernel: Denial of Service via memory leak in SMB client

A flaw was found in the Linux kernel's Server Message Block SMB client. A local attacker with low privileges could exploit a memory leak in the cifssmb3domount function. This could lead to a Denial of Service DoS due to resource exhaustion...

PT-2025-28872

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.16.0-rc3-build2+ 1301 Description: The Linux kernel contains a flaw within the SMB client implementation that can lead to a potential deadlock when reconnecting channels. Specifically, an incorrect lock order...

The vulnerability of the cifs_get_tcon_super() function in the fs/smb/client/cifsproto.h module of the SMB client support in Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the cifsgettconsuper function in the fs/smb/client/cifsproto.h module, which is part of the SMB client support in Linux kernel, relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

The vulnerability of the invalidate_all_cached_dirs() function in the fs/smb/client/cached_dir.c module, which is part of the SMB client kernel support for Linux operating systems, allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the invalidateallcacheddirs function in the fs/smb/client/cacheddir.c module of the SMB client kernel for Linux operating systems is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentialit...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue CVE-2025-38000 In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Address reentrant enqueue adding class to eltree...

SUSE CVE-2022-49938

In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2negotiate In some cases of failure dialect mismatches in SMB2negotiate, after the request is sent, the checks would return -EIO when they should be rather setting rc = -EIO and jumping to negex...

UBUNTU-CVE-2022-49938

In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2negotiate In some cases of failure dialect mismatches in SMB2negotiate, after the request is sent, the checks would return -EIO when they should be rather setting rc = -EIO and jumping to negex...

AZL-64061 CVE-2025-38051 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifsfilldirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warning...

DEBIAN-CVE-2025-38051

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifsfilldirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warning...

UBUNTU-CVE-2025-38051

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifsfilldirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warning...

CVE-2025-38051 smb: client: Fix use-after-free in cifs_fill_dirent

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifsfilldirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warning...

The vulnerability of the SMB Client on Windows operating systems allows attackers to increase their privileges.

The vulnerability of the SMB Client for Windows operating systems is related to a potential overflow condition. Exploiting this vulnerability can allow an attacker to increase their privileges...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from cifs not freeing the memory pool in SMB2negotiate, which could lead to a memory leak...