DEBIAN-CVE-2024-53177

In the Linux kernel, the following vulnerability has been resolved: smb: prevent use-after-free due to opencacheddir error paths If opencacheddir encounters an error parsing the lease from the server, the error handling may race with receiving a lease break, resulting in opencacheddir freeing the...

DEBIAN-CVE-2024-53178

In the Linux kernel, the following vulnerability has been resolved: smb: Don't leak cfid when reconnect races with opencacheddir opencacheddir may either race with the tcon reconnection even before compoundsendrecv or directly trigger a reconnection via SMB2openinit or SMBqueryinfoinit. The...

UBUNTU-CVE-2024-53185

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix NULL ptr deref in cryptoaeadsetkey Neither SMB3.0 or SMB3.02 supports encryption negotiate context, so when SMB2GLOBALCAPENCRYPTION flag is set in the negotiate response, the client uses AES-128-CCM as the defaul...

CVE-2024-53178 smb: Don't leak cfid when reconnect races with open_cached_dir

In the Linux kernel, the following vulnerability has been resolved: smb: Don't leak cfid when reconnect races with opencacheddir opencacheddir may either race with the tcon reconnection even before compoundsendrecv or directly trigger a reconnection via SMB2openinit or SMBqueryinfoinit. The...

OESA-2024-2588 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. 0 The workload...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from the post-release reuse of signing keys in the smb client module...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue in the smb subsystem due to an opencacheddir wrong path...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a memory leak in the smb module that does not properly handle cfid on reconnect...

samba bug fix update

An update is available for samba. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Samba is an open-source implementation of the Server Message Block SMB protocol...

CVE-2024-50151

...

Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059153 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47598: schcake: do not call...

Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059164 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47598: schcake: do not call...

QNAP Systems SMB 安全漏洞

QNAP Systems SMB is a network file sharing protocol from China-based QNAP Systems. A security vulnerability exists in QNAP Systems SMB that stems from the inclusion of a SQL injection vulnerability...

Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memor...

Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks bsc1229273. CVE-2023-52752: smb: client: fix...

CLSA-2024-1732267577 kernel: Fix of 2 CVEs

net: bridge: xmit: make sure we have at least eth header len bytes CVE-2024-38538 - SUNRPC: Fix UAF in svctcplistendataready CVE-2023-52885 - Fix: Revert "smb: client: fix use-after-free bug in cifsdebugdataprocshow" double lock...

SUSE CVE-2024-50285

In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much memory through the "ksmbdworkcache". It will cause OOM issue. ksmbd has a credit mechanism but it can'...

DEBIAN-CVE-2024-50285

In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much memory through the "ksmbdworkcache”. It will cause OOM issue. ksmbd has a credit mechanism but it can'...

UBUNTU-CVE-2024-50286

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in ksmbdsmb2sessioncreate There is a race condition between ksmbdsmb2sessioncreate and ksmbdexpiresession. This patch add missing sessionstablelock while adding/deleting session from global session...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from unchecked simultaneous SMB operations...