Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: smb: client: fixed a memory leak in cifsconstructtcon When using a multiuser mount with domain= specified and cifscreds, cifssetcifscreds will set @ctx-domainname, so it needs to be freed before leaving cifsconstructtcon. This...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011405)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011405 advisory. In the Linux kernel, the following vulnerability has been resolved: smb: client: fix memory leak in cifsconstructtcon When having a multiuser mount with domain=...

PT-2026-27668

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where enabling debug logging in the SMB client can expose plaintext credentials. Specifically, the cifs set cifscreds function logs the key payload,...

SUSE CVE-2025-68295

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix memory leak in cifsconstructtcon When having a multiuser mount with domain= specified and using cifscreds, cifssetcifscreds will end up setting @ctx-domainname, so it needs to be freed before leaving...

EUVD-2025-203785

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix memory leak in cifsconstructtcon When having a multiuser mount with domain= specified and using cifscreds, cifssetcifscreds will end up setting @ctx-domainname, so it needs to be freed before leaving...

CVE-2025-68295

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix memory leak in cifsconstructtcon When having a multiuser mount with domain= specified and using cifscreds, cifssetcifscreds will end up setting @ctx-domainname, so it needs to be freed before leaving...

CVE-2025-68295

CVE-2025-68295 is a Linux kernel issue affecting the SMB CIFS client. When using multiuser mounts with domain= and cifscreds, the code path in cifs_set_cifscreds() ends up assigning the domain name to ctx->domainname, and this memory is not freed on exit from cifs_construct_tcon(), causing a m...

CVE-2025-68295 smb: client: fix memory leak in cifs_construct_tcon()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix memory leak in cifsconstructtcon When having a multiuser mount with domain= specified and using cifscreds, cifssetcifscreds will end up setting @ctx-domainname, so it needs to be freed before leaving...

CVE-2025-68295 smb: client: fix memory leak in cifs_construct_tcon()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix memory leak in cifsconstructtcon When having a multiuser mount with domain= specified and using cifscreds, cifssetcifscreds will end up setting @ctx-domainname, so it needs to be freed before leaving...

PT-2025-51699

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the cifs construct tcon function within the SMB client implementation. This leak occurs when a multiuser mount is used with a specified domain...

SUSE CVE-2014-2830

Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pamcifscreds, allows remote attackers to have unspecified impact via unknown vectors...

GLSA-201612-08 : LinuxCIFS utils: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-201612-08 LinuxCIFS utils: Buffer overflow A stack-based buffer overflow was discovered in cifskey.c or cifscreds.c in LinuxCIFS, as used in pamcifscreds. Impact : A remote attacker could exploit this vulnerability to cause an...

LinuxCIFS utils: Buffer overflow

Background The LinuxCIFS utils are a collection of tools for managing Linux CIFS Client Filesystems. Description A stack-based buffer overflow was discovered in cifskey.c or cifscreds.c in LinuxCIFS, as used in “pamcifscreds.” Impact A remote attacker could exploit this vulnerability to cause an...

DEBIAN-CVE-2014-2830

Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pamcifscreds, allows remote attackers to have unspecified impact via unknown vectors...

UBUNTU-CVE-2014-2830

Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pamcifscreds, allows remote attackers to have unspecified impact via unknown vectors...