2443 matches found
UBUNTU-CVE-2023-32251
A vulnerability has been identified in the Linux kernel's ksmbd component kernel SMB/CIFS server. A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the...
CVE-2023-32251 Kernel: ksmbd brute force delay bypass via asynchronous requests
A vulnerability has been identified in the Linux kernel's ksmbd component kernel SMB/CIFS server. A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the...
CVE-2023-32251 Kernel: ksmbd brute force delay bypass via asynchronous requests
A vulnerability has been identified in the Linux kernel's ksmbd component kernel SMB/CIFS server. A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an asynchronous request that can bypass antiviolate protections, potentially leading to a dictionary attack...
kernel: net: atm: fix use after free in lec_send()
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lecsend The -send operation frees skb so save the length before calling -send to avoid a use after free...
SUSE CVE-2025-38492
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix race between cache write completion and ALLQUEUED being set When netfslib is issuing subrequests, the subrequests start processing immediately and may complete before we reach the end of the issuing function. At the en...
DEBIAN-CVE-2025-38488
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cryptmessage when using async crypto The CVE-2024-50047 fix removed asynchronous crypto handling from cryptmessage, assuming all crypto operations are synchronous. However, when hardware crypto...
AZL-73458 CVE-2025-38488 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cryptmessage when using async crypto The CVE-2024-50047 fix removed asynchronous crypto handling from cryptmessage, assuming all crypto operations are synchronous. However, when hardware crypto...
UBUNTU-CVE-2025-38492
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix race between cache write completion and ALLQUEUED being set When netfslib is issuing subrequests, the subrequests start processing immediately and may complete before we reach the end of the issuing function. At the en...
DEBIAN-CVE-2025-38459
In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix infinite recursive call of clippush. syzbot reported the splat below. 0 This happens if we call ioctlATMARPMKIP more than once. During the first call, clipmkip sets clippush to vcc-push, and the second call copies ...
CVE-2025-38355 drm/xe: Process deferred GGTT node removals on device unwind
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Process deferred GGTT node removals on device unwind While we are indirectly draining our dedicated workqueue ggtt-wq that we use to complete asynchronous removal of some GGTT nodes, this happends as part of the managed-d...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between the asynchronous recycle worker thread and the closectree function...
SUSE-SU-2025:02507-1 Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122228 fixes several issues. The following security issues were fixed: - CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. - CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238920. - CVE-2024-53214:...
kernel: net: atm: fix use after free in lec_send()
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lecsend The -send operation frees skb so save the length before calling -send to avoid a use after free...
kernel: net: atm: fix use after free in lec_send()
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lecsend The -send operation frees skb so save the length before calling -send to avoid a use after free...
kernel: net: atm: fix use after free in lec_send()
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lecsend The -send operation frees skb so save the length before calling -send to avoid a use after free...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.23 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
ROS-20250721-01
The vulnerability of the iorwinitfile function of the iouring/rw.c module of the asynchronous I/O interface of the kernel of the of Linux operating system is related to reuse of previously freed memory. Exploitation exploitation of the vulnerability could allow an attacker to affect the...
Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability bsc1235005. CVE-2024-53173: NFSv4.0:...
WordPress plugin WPLMS 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...