14 matches found
CVE-2026-46155 smb/client: fix out-of-bounds read in smb2_compound_op()
In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in smb2compoundop If a server sends a truncated response but a large OutputBufferLength, and terminates the EA list early, checkwsleas returns success without validating that the entire...
EUVD-2026-32782
In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in smb2compoundop If a server sends a truncated response but a large OutputBufferLength, and terminates the EA list early, checkwsleas returns success without validating that the entire...
CVE-2026-46155
In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in smb2compoundop If a server sends a truncated response but a large OutputBufferLength, and terminates the EA list early, checkwsleas returns success without validating that the entire...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: smb: client: Fixed incorrect index references in smb2compoundop. In smb2compoundop, the loop that processes each command’s response uses incorrect indices when accessing response buffers. This incorrect indexing leads to improper...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent use-after-free by freeing the cfile later In smb2compoundop we have a possible use-after-free which can cause hard to debug problems later on. This was revealed during stress testing with KASAN enabled kernel. Fixin...
EUVD-2025-198437
In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...
AZL-70660 CVE-2025-40210 affecting package kernel for versions less than 6.6.112-1
In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...
CVE-2025-39975
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix wrong index reference in smb2compoundop In smb2compoundop, the loop that processes each command's response uses wrong indices when accessing response bufferes. This incorrect indexing leads to improper handling o...
PT-2025-47718
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s Network File System daemon NFSD related to the handling of NFSv4 COMPOUND operations. Specifically, a previous change removed a limit on the number of...
CVE-2023-53377
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent use-after-free by freeing the cfile later In smb2compoundop we have a possible use-after-free which can cause hard to debug problems later on. This was revealed during stress testing with KASAN enabled kernel. Fixin...
CVE-2023-53377 cifs: prevent use-after-free by freeing the cfile later
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent use-after-free by freeing the cfile later In smb2compoundop we have a possible use-after-free which can cause hard to debug problems later on. This was revealed during stress testing with KASAN enabled kernel. Fixin...
CVE-2023-53377 cifs: prevent use-after-free by freeing the cfile later
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent use-after-free by freeing the cfile later In smb2compoundop we have a possible use-after-free which can cause hard to debug problems later on. This was revealed during stress testing with KASAN enabled kernel. Fixin...
CVE-2025-39819 fs/smb: Fix inconsistent refcnt update
In the Linux kernel, the following vulnerability has been resolved: fs/smb: Fix inconsistent refcnt update A possible inconsistent update of refcount was identified in smb2compoundop. Such inconsistent update could lead to possible resource leaks. Why it is a possible bug: 1. In the comment secti...
PT-2024-6855
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.52 Description The vulnerability is related to a use-after-free issue in the smb2 set path size function. When smb2 compound op is called with a valid @cfile and returns -EINVAL, the reference to @cfile is...