Ubuntu 20.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-7585-3)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7585-3 advisory. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

RLSA-2026:21706 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183 kernel: ALSA: firewire-motu: fix buffer...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cifs: preventing use-after-free by freeing the cfile later. In smb2compoundop, there is a potential use-after-free issue that may lead to difficult debugging problems in the future. This issue was identified during stress testing...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an oops due to uninitialized server-smbdconn during reconnection. In smbdDestroy, the server-smbdconn pointer is cleared after freeing the smbdconnection structure it points to, so that reconnection won’t be confused...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: cifs: A use-after-free has been fixed in rdata-readintopages. When the network status is unstable, a use-after-free may occur when reading data from the server. BUG: KASAN: Use-after-free in readpagesfillpages+0x14c/0x7e0. Cal...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: The folio lock is released upon a successful read from fscache. Under the current code, when cifsreadpageworker is called, the contract between the caller and the callee is that the callee should unlock the page. This is...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013497)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013497 advisory. A use-after-free flaw was found in smb2isstatusiotimeout in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012962)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012962 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifsdemultiplexthread There is a UAF when xfstests on cifs: BUG: KASAN:...

Security update for the Linux Kernel (Live Patch 74 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.280 fixes various security issues The following security issues were fixed: CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255235. CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zer...

SUSE SLES12 Security Update : kernel (Live Patch 67 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:1221-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1221-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.255 fixes various security issues The following security issues were fixed: -...

EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2026-1123)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : cifs: Fix UAF in cifsdemultiplexthreadCVE-2023-52572 net: fix data-races around sk-skforwardallocCVE-2024-53124 quota: flush...

Linux Distros Unpatched Vulnerability : CVE-2025-71151

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory and information leak in smb3reconfigure In smb3reconfigure, if...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46796)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46796 advisory. - In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double put of @cfile in...

ROS-20260120-7350

A vulnerability in the cifs component of the Linux operating system kernel is related to integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-992809)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992809 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix warning and UAF when destroy the MR list If the MR allocate failed, the MR recovery wor...

Linux Distros Unpatched Vulnerability : CVE-2022-50859

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cifs: Fix the error length of VALIDATENEGOTIATEINFO message Commit d5c7076b772a smb3: add smb3.1.1 to default dialect list extend the dialects from 3 to 4, but...

EUVD-2023-60524

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential race when tree connecting ipc Protect access of TCPServerInfo::hostname when building the ipc tree name as it might get freed in cifsd thread and thus causing an use-after-free bug in treeconnectdfstarget. Als...

UBUNTU-CVE-2023-54260

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbddestroy will directly return, then the connection info will be leaked. Let's set the smb...

RLSA-2025:22854 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cifs: Fix oops due to uninitialised variable CVE-2025-38737 kernel: can: j1939: implement NETDEVUNREGISTER notification handler CVE-2025-39925 kernel: Bluetooth: hcievent: Fix UAF in...