Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: Avoid race conditions in opencacheddir when leases are broken. A previously valid cfid returned from findorcreatecacheddir might cause a race condition with a lease break. As a result, opencacheddir may not consid...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid-tcon before performing network operations. Avoid leaking a reference to tcon when a lease-break operation occurs while opening the cached directory. Processing this operation might result in a failure to...

EUVD-2025-201874

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2closecachedfid findorcreatecacheddir could grab a new reference after krefput had seen the refcount drop to zero but before cfidlistlock is acquired in smb2closecachedfid, leading to...

CVE-2025-40328

CVE-2025-40328 : In the Linux kernel, the smb client could suffer a use-after-free in smb2_close_cached_fid() due to a race where a new reference could be grabbed after kref_put() dropped to zero but before cfid_list_lock is acquired. The fix switches to kref_put_lock() so cfid_release() is calle...

DEBIAN-CVE-2025-40320

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential cfid UAF in smb2queryinfocompound When smb2queryinfocompound retries, a previously allocated cfid may have been freed in the first attempt. Because cfid wasn't reset on replay, later cleanup could act o...

CVE-2025-40320

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential cfid UAF in smb2queryinfocompound When smb2queryinfocompound retries, a previously allocated cfid may have been freed in the first attempt. Because cfid wasn't reset on replay, later cleanup could act o...

UBUNTU-CVE-2025-40320

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential cfid UAF in smb2queryinfocompound When smb2queryinfocompound retries, a previously allocated cfid may have been freed in the first attempt. Because cfid wasn't reset on replay, later cleanup could act o...

Linux Distros Unpatched Vulnerability : CVE-2025-40320

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix potential cfid UAF in smb2queryinfocompound When smb2queryinfocompound retries, a previously allocated cfid may have been freed in the first...

CVE-2025-40320

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential cfid UAF in smb2queryinfocompound When smb2queryinfocompound retries, a previously allocated cfid may have been freed in the first attempt. Because cfid wasn't reset on replay, later cleanup could act o...

EUVD-2006-2416

Malware in sbrugna...

EUVD-2007-5875

Malware in sbrugna...

EUVD-2024-51850

Malicious code in bioql PyPI...

SUSE CVE-2025-37954

In the Linux kernel, the following vulnerability has been resolved: smb: client: Avoid race in opencacheddir with lease breaks A pre-existing valid cfid returned from findorcreatecacheddir might race with a lease break, meaning opencacheddir doesn't consider it valid, and thinks it's...

DEBIAN-CVE-2025-37954

In the Linux kernel, the following vulnerability has been resolved: smb: client: Avoid race in opencacheddir with lease breaks A pre-existing valid cfid returned from findorcreatecacheddir might race with a lease break, meaning opencacheddir doesn't consider it valid, and thinks it's...

UBUNTU-CVE-2025-37954

In the Linux kernel, the following vulnerability has been resolved: smb: client: Avoid race in opencacheddir with lease breaks A pre-existing valid cfid returned from findorcreatecacheddir might race with a lease break, meaning opencacheddir doesn't consider it valid, and thinks it's...

CVE-2025-37954

CVE-2025-37954 affects the Linux kernel SMB client logic. The issue is a race in open_cached_dir with lease breaks where a pre-existing valid cfid returned by find_or_create_cached_dir can race with a queued lease break, causing open_cached_dir to treat it as newly constructed and leak a dentry r...

kernel: smb: During unmount, ensure all cached dir instances drop their dentry

In the Linux kernel, the following vulnerability has been resolved: smb: During unmount, ensure all cached dir instances drop their dentry The unmount process cifskillsb calling closeallcacheddirs can race with various cached directory operations, which ultimately results in dentries not being...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237918. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238919...

CVE-2024-53178

In the Linux kernel, the following vulnerability has been resolved: smb: Don't leak cfid when reconnect races with opencacheddir opencacheddir may either race with the tcon reconnection even before compoundsendrecv or directly trigger a reconnection via SMB2openinit or SMBqueryinfoinit. The...

UBUNTU-CVE-2024-56729

In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid-tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cached directory. Processing the leak break might take a reference to the tcon in cacheddirleasebreak and...