576 matches found
SUSE CVE-2026-46185
In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in symlinkdata Since smb2checkmessage returns success without length validation for the symlink error response, in symlinkdata it is possible for iov-iovlen to be smaller than sizeofstruct...
EUVD-2026-32812
In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in symlinkdata Since smb2checkmessage returns success without length validation for the symlink error response, in symlinkdata it is possible for iov-iovlen to be smaller than sizeofstruct...
CVE-2026-45972
The CVE-2026-45972 issue affects the Linux kernel SMB client, specifically smb2_open_file(), where improper handling could lead to memory corruption (UAF) or a double free during SMB2_open() retries. The fixed description states that zeroing err_iov and err_buftype before retrying SMB2_open() pre...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Added freetransport operations in ksmbd connections. The freetransport function for TCP connections can be called from smbdirect. This can lead to a kernel oops. This patch adds freetransport operations in ksmbd connection...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: smb: client: fixed a potential deadlock that could occur when reconnecting channels. Fixed the function cifssignalcifsdforreconnect to take the correct lock order and prevent the following deadlock from occurring:...
Astra Linux - уязвимость в linux-5.15
A issue was discovered in the Linux kernel before version 6.3.10. The file fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, resulting in a out-of-bounds read...
Eternalblue-ms17-010-lab
01-EternalBlue-MS17-010-README.mdhttps://github.com/user-atta...
EUVD-2026-28668
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...
UBUNTU-CVE-2026-43362
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...
CVE-2026-43378
In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2open The opinfo pointer obtained via rcudereferencefp-fopinfo is dereferenced after rcureadunlock, creating a use-after-free window...
CVE-2026-43362 smb: client: fix in-place encryption corruption in SMB2_write()
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...
PT-2026-39040
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the smb lazy parent lease break close function. The opinfo pointer, obtained via rcu dereferencefp-f opinfo, is accessed after rcu read unlock is called...
USN-8227-1: curl vulnerabilities
It was discovered that curl incorrectly reused non-TLS connections when TLS was required in some STARTTLS configurations. A remote attacker could possibly use this issue to obtain sensitive information. CVE-2026-4873 It was discovered that curl incorrectly reused certain HTTP Negotiate connection...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of shareconf in compound request smb2getksmbdtcon reuses work-tcon in compound requests without validating tcon-tstate. ksmbdtreeconnlookup checks tstate == TREECONNECTED on the initial lookup path, but...
Astra Linux - уязвимость в linux-5.15
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2SESSIONSETUP and SMB2LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2closecachedfid findorcreatecacheddir could grab a new reference after krefput had seen the refcount drop to zero but before cfidlistlock is acquired in smb2closecachedfid, leading to...
Astra Linux - уязвимость в linux-5.15
A issue was discovered in the Linux kernel before version 6.3.9. ksmbd does not validate the SMB request protocol ID, resulting in an out-of-bounds read...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. If reused connection is used for binding...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in durable v2 replay of active file handles parsedurablehandlecontext unconditionally assigns dhinfo-fp-conn to the current connection when handling a DURABLEREQV2 context with SMB2FLAGSREPLAYOPERATION...
Astra Linux - уязвимость в linux-5.15
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2SESSIONSETUP commands. The issue results from the lack of control of resource consumption. An attacker can leverage this vulnerability to create a...