kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()

A flaw was found in the Linux kernel's IPv6 ICMP error generation. A remote attacker could send a specially crafted IPv4 ICMP error packet with a Common Internet Protocol Security Option CIPSO IP option. This could lead to incorrect handling of packet control block data when generating an IPv6 IC...

kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()

A flaw was found in the Linux kernel's IPv6 ICMP error generation. A remote attacker could send a specially crafted IPv4 ICMP error packet with a Common Internet Protocol Security Option CIPSO IP option. This could lead to incorrect handling of packet control block data when generating an IPv6 IC...

CVE-2026-41013 Tenant-controlled comma smuggles arbitrary CIFS mount options

Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release allows low-privileged CF space developer to inject arbitrary kernel CIFS mount options via bypassing the mount-option allowlist, enabling privilege escalation and security control bypass on multi-tenant...

UBUNTU-CVE-2026-46243

In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcalltarget that cifs.upcall treats as kernel-originating inputs. However,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: cifs: A use-after-free bug has been fixed in refreshcacheworker. The UAF bug occurred because we were putting DFS root sessions in cifsumount while the DFS cache refresher was executing. We now ensure that DFS root sessions ha...

CVE-2026-31693

A flaw was found in the Linux kernel's Common Internet File System cifs component. This vulnerability occurs when certain local variables are not properly reinitialized during the replay of a request. This oversight can lead to unexpected system behavior or instability, potentially resulting in a...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010951)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010951 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscopyfilerange If the file is used by swap, before return -EOPNOTSUPP,...

kernel security update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

Azure Linux 3.0 Security Update: kernel (CVE-2024-49996)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49996 advisory. - In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing N...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002106)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002106 advisory. Race condition in the smbsendrqst function in fs/cifs/transport.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service NULL pointer...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002739)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002739 advisory. The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setupntlmv2rsp that allows an attacker controlling a CIFS...

Unity Linux 20.1060a Security Update: kernel (UTSA-2025-993135)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993135 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix warning and UAF when destroy the MR list If the MR allocate failed, the MR recovery wor...

CVE-2023-54260

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbddestroy will directly return, then the connection info will be leaked. Let's set the smb...

UBUNTU-CVE-2023-54280

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential race when tree connecting ipc Protect access of TCPServerInfo::hostname when building the ipc tree name as it might get freed in cifsd thread and thus causing an use-after-free bug in treeconnectdfstarget. Als...

CVE-2023-54280

CVE-2023-54280 affects the Linux kernel CIFS/IPC path. The vulnerability was a race in tree connecting IPC that could access TCP_Server_Info::hostname during IPC tree construction, potentially freeing the hostname in a cifsd thread and causing a use-after-free in __tree_connect_dfs_target(). The ...

CVE-2023-54260

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbddestroy will directly return, then the connection info will be leaked. Let's set the smb...

CVE-2023-54076

Technical details about CVE-2023-54076 are not publicly provided in the supplied documents. Monitor for vendor advisories for full specifics and remediation guidance.

ROS-20251215-7313

A vulnerability in the cifs.upcall function of the CIFS cifs-utils network file system mount utility package is related to the provisioning of a data element for an erroneous session. Exploitation of the vulnerability could allow an attacker to disclose protected information...

CVE-2023-53794

In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2reconnectserver, because it will be released soon. Note that the exiting session will stay in server-smbseslist until i...

SUSE CVE-2022-50643

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscopyfilerange If the file is used by swap, before return -EOPNOTSUPP, should free the xid, otherwise, the xid will be leaked...