188 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: cifs: Avoid NULL pointer dereferencing in debug calls. The cifsserverdbg function assumes that the server variable is non-NULL; therefore, move the call under conditions that prevent NULL pointer dereferencing. Identified by t...
SUSE-SU-2026:20667-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpicmpui bsc1254992. - CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm...
EUVD-2026-5840
In the Linux kernel, the following vulnerability has been resolved: smb/client: fix memory leak in smb2openfile Reproducer: 1. server: directories are exported read-only 2. client: mount -t cifs //$serverip/export /mnt 3. client: dd if=/dev/zero of=/mnt/file bs=512 count=1000 oflag=direct 4...
CVE-2025-71151
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory and information leak in smb3reconfigure In smb3reconfigure, if smb3syncsessionctxpasswords fails, the function returns immediately without freeing and erasing the newly allocated newpassword and newpassword2. Thi...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003610)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003610 advisory. An issue was discovered in the Linux kernel before 5.0.10. SMB2negotiate in fs/cifs/smb2pdu.c has an out- of-bounds read because data structures are incompletely...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003587)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003587 advisory. An issue was discovered in the Linux kernel before 5.0.10. SMB2read in fs/cifs/smb2pdu.c has a use-after- free. NOTE: this was not fixed correctly in 5.0.10; see the...
SUSE CVE-2022-50859
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATENEGOTIATEINFO message Commit d5c7076b772a "smb3: add smb3.1.1 to default dialect list" extend the dialects from 3 to 4, but forget to decrease the extended length when specific the dialect,...
Linux Distros Unpatched Vulnerability : CVE-2022-50856
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cifs: Fix xid leak in cifssesaddchannel Before return, should free the xid, otherwise, the xid will be leaked. CVE-2022-50856 Note that Nessus relies on the...
UBUNTU-CVE-2023-54203
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in initsmb2rsphdr When smb1 mount fails, KASAN detect slab-out-of-bounds in initsmb2rsphdr like the following one. For smb1 negotiate56bytes , initsmb2rsphdr for smb2 is called. The issue occurs whil...
CVE-2022-50859
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATENEGOTIATEINFO message Commit d5c7076b772a "smb3: add smb3.1.1 to default dialect list" extend the dialects from 3 to 4, but forget to decrease the extended length when specific the dialect,...
CVE-2023-54258
In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential oops in cifsoplockbreak With deferred close we can have closes that race with lease breaks, and so with the current checks for whether to send the lease response, oplockresponse, this can mean that an unmount...
CVE-2022-50856
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifssesaddchannel Before return, should free the xid, otherwise, the xid will be leaked...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989331)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989331 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uncleared server-smbdconn in reconnect In smbddestroy, clear the...
AZL-69436 CVE-2025-40099 affecting package kernel for versions less than 6.6.117.1-1
In the Linux kernel, the following vulnerability has been resolved: cifs: parsedfsreferrals: prevent oob on malformed input Malicious SMB server can send invalid reply to FSCTLDFSGETREFERRALS - reply smaller than sizeofstruct getdfsreferralrsp - reply with number of referrals smaller than...
EUVD-2007-2439
Malware in sbrugna...
EUVD-2011-3327
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986522)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986522 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifsgetroot When cifsgetroot fails during...
SUSE-SU-2025:03301-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708. - CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points bsc1232089. -...
CVE-2023-53427 cifs: Fix warning and UAF when destroy the MR list
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix warning and UAF when destroy the MR list If the MR allocate failed, the MR recovery work not initialized and list not cleared. Then will be warning and UAF when release the MR: WARNING: CPU: 4 PID: 824 at...
CVE-2023-53377
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent use-after-free by freeing the cfile later In smb2compoundop we have a possible use-after-free which can cause hard to debug problems later on. This was revealed during stress testing with KASAN enabled kernel. Fixin...