UBUNTU-CVE-2022-49366

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix reference count leak in smbcheckpermdacl The issue happens in a specific path in smbcheckpermdacl. When "id" and "uid" have the same value, the function simply jumps out of the loop without decrementing the reference...

The vulnerability in the implementation of the SMB protocol in the Mac OS allows a perpetrator to increase their privileges and execute arbitrary code.

The vulnerability of the SMB protocol implementation in the Mac OS is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fixed OOB issues when building SMB2IOCTL requests. When encryption is used, whether enforced by the server or when using the “seal” mount option, the client will squash all compound request buffers into a single iov...

The vulnerability in the implementation of the SMB protocol on macOS operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the SMB protocol implementation in macOS lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

CLSA-2025-1738671431 kernel: Fix of 43 CVEs

smb: client: fix use-after-free of signing key CVE-2024-53179 - smb: client: stop flooding dmesg in smb2calcsignature CVE-2024-53179 - smb3: fix oops in calculating shashsetkey CVE-2024-53179 - cifs: return correct error in -calcsignature CVE-2024-53179 - cifs: secmech: use shashdesc directly,...

Xerox Versalink 安全漏洞

Xerox VersaLink is a line of commercial printers from Xerox Corporation USA. A security vulnerability exists in Xerox Versalink that originates from access via the address book and can modify SMB/FTP settings, redirect scans and potentially capture credentials...

smb: client: fix possible double free in smb2_set_ea()

...

smb: Initialize cfid->tcon before performing network ops

...

ksmbd: fix use-after-free in SMB request handling

...

Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate bsc1227784. CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstsetstate bsc1227781...

USN-7179-4 linux-xilinx-zynqmp vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059153 fixes several issues. The following security issues were fixed: CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6...

DEBIAN-CVE-2024-57925

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix a missing return value check bug In the smb2sendinterimresp, if ksmbdallocworkstruct fails to allocate a node, it returns a NULL pointer to the inwork pointer. This can lead to an illegal memory write of...

CVE-2024-57925 ksmbd: fix a missing return value check bug

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix a missing return value check bug In the smb2sendinterimresp, if ksmbdallocworkstruct fails to allocate a node, it returns a NULL pointer to the inwork pointer. This can lead to an illegal memory write of...

Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024119 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059158 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

PT-2025-49781

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue within the SMB client, specifically in the smb2 close cached fid function. The find or create cached dir function could potentially acqui...

PT-2025-37970

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the SMB client during the rename process. Specifically, the issue arises from the timing of unhashing the dentry, which can allow concurrent opens on the targe...

UBUNTU-CVE-2024-56627

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Out-of-Bounds Read in ksmbdvfsstreamread An offset from client could be a negative value, It could lead to an out-of-bounds read from the streambuf. Note that this issue is coming when setting 'vfs objects = streamsxat...

DEBIAN-CVE-2024-53178

In the Linux kernel, the following vulnerability has been resolved: smb: Don't leak cfid when reconnect races with opencacheddir opencacheddir may either race with the tcon reconnection even before compoundsendrecv or directly trigger a reconnection via SMB2openinit or SMBqueryinfoinit. The...