Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993108)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993108 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifsserverdbg implies server to be non-NULL so...

EUVD-2006-5076

Malware in sbrugna...

EUVD-2001-0963

Malware in sbrugna...

EUVD-2009-2008

Malware in sbrugna...

EUVD-2018-11719

Malware in sbrugna...

EUVD-2022-5157

Malicious code in bioql PyPI...

CVE-2018-1999038

A confused deputy vulnerability exists in Jenkins Publisher Over CIFS Plugin 0.10 and earlier in CifsPublisherPluginDescriptor.java that allows attackers to have Jenkins connect to an attacker specified CIFS server with attacker specified credentials...

PT-2025-20495

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference issue in the Linux kernel has been resolved. The issue is related to the cifs server dbg function, which implies that the server should be non-NULL. To avoid t...

Linux Distros Unpatched Vulnerability : CVE-2018-1066

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a...

CVE-2024-42256

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix server re-repick on subrequest retry When a subrequest is marked for needing retry, netfs will call cifspreparewrite which will make cifs repick the server for the op before renegotiating credits; it then calls...

CVE-2024-42256 cifs: Fix server re-repick on subrequest retry

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix server re-repick on subrequest retry When a subrequest is marked for needing retry, netfs will call cifspreparewrite which will make cifs repick the server for the op before renegotiating credits; it then calls...

kernel: keys: Fix linking a duplicate key to a keyring's assoc_array

A race condition was found in the Linux kernel's keyring subsystem. When concurrent DNS queries resolve the same hostname, a duplicate index key can be created in the keyring's assocarray. The assocarray implementation has a BUGON check that detects this invalid state, causing a kernel crash. Thi...

kernel: keys: Fix linking a duplicate key to a keyring's assoc_array

A race condition was found in the Linux kernel's keyring subsystem. When concurrent DNS queries resolve the same hostname, a duplicate index key can be created in the keyring's assocarray. The assocarray implementation has a BUGON check that detects this invalid state, causing a kernel crash. Thi...

K15735: SMB vulnerability CVE-2014-7145

Security Advisory Description The SMB2tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service NULL pointer dereference and client system crash or possibly have unspecified other impact by deleting the IPC$ share during resolutio...

Jenkins Publisher Over CIFS Plugin confused deputy vulnerability

A confused deputy vulnerability exists in Jenkins Publisher Over CIFS Plugin 0.10 and earlier in CifsPublisherPluginDescriptor.java that allows attackers to have Jenkins connect to an attacker specified CIFS server with attacker specified credentials. Additionally, this form validation method did...

CVE-2018-1066

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation...

Null pointer dereference

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation...

CVE-2018-1066

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation...

CVE-2018-1066

CVE-2018-1066 affects the Linux kernel prior to 4.11, where a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() can cause a kernel panic on clients mounting a CIFS server, due to mishandling of an empty TargetInfo field in NTLMSSP during session recovery. Connected documents co...

CVE-2018-1066

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation...