CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

37 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed an out-of-bounds write issue in smb2getea when performing EA alignment. smb2getea applies a 4-byte alignment padding using memset after writing each EA entry. The bounds check on buffreelen is performed before the...

9.8CVSS5.9AI score0.00394EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a potential out-of-bounds write issue in getfileallinfo for compound requests. When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION, and the first command consumes nearly the entire...

8.8CVSS5.6AI score0.006EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed the OOB write issue in QUERYINFO for compound requests. When a compound request such as READ + QUERYINFOSecurity is received, and the first command READ consumes most of the response buffer, ksmbd might write beyond...

8.8CVSS5.5AI score0.00507EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed an issue where shareconf was freed after use, in compound requests. smb2getksmbdtcon reuses work-tcon in compound requests without validating tcon-tstate. ksmbdtreeconnlookup checks that tstate is equal to...

9.8CVSS5.5AI score0.00331EPSS

Exploits0References1

SUSE CVE•added 2026/05/02 1:25 a.m.•9 views

SUSE CVE-2026-31705

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bounds write in smb2getea EA alignment smb2getea applies 4-byte alignment padding via memset after writing each EA entry. The bounds check on buffreelen is performed before the value memcpy, but the alignment...

7.8CVSS5.9AI score0.00394EPSS

Exploits0References4

NVD•added 2026/05/01 2:16 p.m.•1 views

CVE-2026-31705

9.8CVSS0.00394EPSS

Exploits0References6

Cvelist•added 2026/05/01 1:56 p.m.•32 views

CVE-2026-31705 ksmbd: fix out-of-bounds write in smb2_get_ea() EA alignment

9.8CVSS0.00394EPSS

Exploits0References6

EUVD•added 2026/05/01 1:56 p.m.•6 views

EUVD-2026-26514

5.9AI score0.00394EPSS

Exploits0References5

CVE•added 2026/05/01 1:56 p.m.•39 views

CVE-2026-31705

The CVE-2026-31705 issue affects the ksmbd component of the Linux kernel, where an out-of-bounds write occurs in smb2_get_ea() during EA alignment padding. After writing each EA entry, a 4-byte alignment padding is applied with memset() unconditionally, potentially overwriting adjacent kernel hea...

9.8CVSS5.9AI score0.00394EPSS

Exploits0References6Affected Software1

CNNVD•added 2026/05/01 12:0 a.m.•8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the smb2getea function’s memset operation, where the remaining space after the EA alignment is no...

9.8CVSS5.9AI score0.00394EPSS

Exploits0References1

Microsoft CVE•added 2026/04/23 8:7 a.m.•4 views

ksmbd: fix potencial OOB in get_file_all_info() for compound requests

...

8.8CVSS5.2AI score0.006EPSS

Exploits0

SUSE CVE•added 2026/04/23 1:26 a.m.•13 views

SUSE CVE-2026-31432

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix OOB write in QUERYINFO for compound requests When a compound request such as READ + QUERYINFOSecurity is received, and the first command READ consumes most of the response buffer, ksmbd could write beyond the allocated...

8.8CVSS5.8AI score0.00507EPSS

Exploits0References3

EUVD•added 2026/04/22 9:31 a.m.•0 views

EUVD-2026-24640

5.8AI score0.00507EPSS

Exploits0References5

EUVD•added 2026/04/22 9:31 a.m.•2 views

EUVD-2026-24641

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial OOB in getfileallinfo for compound requests When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION and the first command consumes nearly the entire maxtranssize, getfileallinfo woul...

5.8AI score0.006EPSS

Exploits0References8

NVD•added 2026/04/22 9:16 a.m.•5 views

CVE-2026-31432

8.8CVSS0.00507EPSS

Exploits0References5

Cvelist•added 2026/04/22 8:15 a.m.•29 views

CVE-2026-31433 ksmbd: fix potencial OOB in get_file_all_info() for compound requests

8.8CVSS0.006EPSS

Exploits0References7

CVE•added 2026/04/22 8:15 a.m.•10 views

CVE-2026-31433

CVE-2026-31433 affects the Linux kernel ksmbd module. A vulnerability arises when processing a compound SMB request of QUERY_DIRECTORY + QUERY_INFO (FILE_ALL_INFORMATION): the code lacked a validation check on the client-provided OutputBufferLength before copying a filename into the smb2_file_all...

8.8CVSS5.8AI score0.006EPSS

Exploits0References7Affected Software1

ATTACKERKB•added 2026/04/22 8:15 a.m.•4 views

CVE-2026-31433

5.8AI score0.006EPSS

Exploits0References8Affected Software1

Cvelist•added 2026/04/22 8:15 a.m.•26 views

CVE-2026-31432 ksmbd: fix OOB write in QUERY_INFO for compound requests

8.8CVSS0.00507EPSS

Exploits0References5

CVE•added 2026/04/22 8:15 a.m.•28 views

CVE-2026-31432

CVE-2026-31432 affects the Linux kernel ksmbd component. Affected handling of compound requests (e.g., READ + QUERY_INFO(Security)) could allow an out-of-bounds write when the first READ command consumes most of the response buffer and ksmbd builds a security descriptor. The root cause is that sm...

8.8CVSS5.8AI score0.00507EPSS

Exploits0References5Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by