Lucene search
K

248 matches found

NVD
NVD
added 2025/05/02 4:15 p.m.39 views

CVE-2023-53052

In the Linux kernel, the following vulnerability has been resolved: cifs: fix use-after-free bug in refreshcacheworker The UAF bug occurred because we were putting DFS root sessions in cifsumount while DFS cache refresher was being executed. Make DFS root sessions have same lifetime as DFS tcons ...

7.8CVSS0.00158EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2025/05/02 4:15 p.m.6 views

CVE-2023-53052

In the Linux kernel, the following vulnerability has been resolved: cifs: fix use-after-free bug in refreshcacheworker The UAF bug occurred because we were putting DFS root sessions in cifsumount while DFS cache refresher was being executed. Make DFS root sessions have same lifetime as DFS tcons ...

7.8CVSS6.1AI score0.00158EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/05/02 3:55 p.m.36 views

CVE-2023-53052 cifs: fix use-after-free bug in refresh_cache_worker()

In the Linux kernel, the following vulnerability has been resolved: cifs: fix use-after-free bug in refreshcacheworker The UAF bug occurred because we were putting DFS root sessions in cifsumount while DFS cache refresher was being executed. Make DFS root sessions have same lifetime as DFS tcons ...

0.00158EPSS
Exploits0References2
OSV
OSV
added 2025/05/02 3:55 p.m.7 views

CVE-2023-53052 cifs: fix use-after-free bug in refresh_cache_worker()

In the Linux kernel, the following vulnerability has been resolved: cifs: fix use-after-free bug in refreshcacheworker The UAF bug occurred because we were putting DFS root sessions in cifsumount while DFS cache refresher was being executed. Make DFS root sessions have same lifetime as DFS tcons ...

7.8CVSS5.8AI score0.00158EPSS
Exploits0References5
CVE
CVE
added 2025/05/02 3:55 p.m.132 views

CVE-2023-53052

CVE-2023-53052 is a Linux kernel vulnerability in the CIFS/DFS codebase, where a use-after-free (UAF) bug occurred when DFS root sessions were kept alive in cifs_umount() during the DFS cache refresher. The fix makes DFS root sessions have the same lifetime as DFS tcons to prevent IPCs from acces...

7.8CVSS6.5AI score0.00158EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2025/04/18 12:0 a.m.3 views

Huawei HarmonyOS Path Traversal Vulnerability

Huawei HarmonyOS is an operating system from the Chinese company Huawei. Huawei HarmonyOS suffers from a path traversal vulnerability that stems from a security issue in the DFS module, no details of the vulnerability are available at this time...

7.5CVSS6.3AI score0.00382EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/09 5:10 a.m.24 views

CVE-2025-31174

Path traversal vulnerability in the DFS module Impact: Successful exploitation of this vulnerability may affect service confidentiality...

7.5CVSS7.2AI score0.00382EPSS
Exploits0References1
OSV
OSV
added 2025/04/07 4:15 a.m.3 views

CVE-2025-31174

Path traversal vulnerability in the DFS module Impact: Successful exploitation of this vulnerability may affect service confidentiality...

7.5CVSS5.8AI score0.00382EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/07 3:57 a.m.7 views

CVE-2025-31174

Path traversal vulnerability in the DFS module Impact: Successful exploitation of this vulnerability may affect service confidentiality...

6.8CVSS6.9AI score0.00382EPSS
Exploits0References1
CVE
CVE
added 2025/04/07 3:57 a.m.76 views

CVE-2025-31174

CVE-2025-31174 is a path traversal vulnerability reported in Huawei HarmonyOS in the DFS module. The available documents identify the affected component as the DFS module of HarmonyOS and describe the impact as potential exposure of service confidentiality. No concrete exploit details, affected v...

7.5CVSS7.1AI score0.00382EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/04/07 3:57 a.m.19 views

CVE-2025-31174

Path traversal vulnerability in the DFS module Impact: Successful exploitation of this vulnerability may affect service confidentiality...

6.8CVSS0.00382EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/07 12:0 a.m.5 views

PT-2025-15181 · Huawei · Harmonyos

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A path traversal vulnerability exists in the DFS module. Successful exploitation of this issue may affect service confidentiality. Recommendations: At the moment, there is no information abo...

7.5CVSS6.1AI score0.00382EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/04/07 12:0 a.m.3 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from the Chinese company Huawei. Huawei HarmonyOS suffers from a path traversal vulnerability that stems from a security issue in the DFS module, no details of the vulnerability are available at this time...

7.5CVSS6.6AI score0.00382EPSS
Exploits0References2
OSV
OSV
added 2025/03/27 5:15 p.m.6 views

UBUNTU-CVE-2023-52987

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sofipc4prioritymaskdfswrite The "id" comes from the user. Change the type to unsigned to prevent an array underflow...

7.8CVSS5.7AI score0.00235EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/27 12:0 a.m.6 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible array underflow in the sofipc4prioritymaskdfswrite function of the ASoC SOF component...

7.8CVSS5.3AI score0.00235EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/06 3:20 a.m.14 views

CVE-2021-35088

Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure...

9.1CVSS7AI score0.00817EPSS
Exploits0References1
NVD
NVD
added 2025/01/31 12:15 p.m.11 views

CVE-2025-21673

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double free of TCPServerInfo::hostname When shutting down the server in cifsputtcpsession, cifsd thread might be reconnecting to multiple DFS targets before it realizes it should exit the loop, so @server-hostnam...

5.5CVSS0.002EPSS
Exploits0References3
CVE
CVE
added 2025/01/31 11:25 a.m.177 views

CVE-2025-21673

CVE-2025-21673 affects the Linux kernel CIFS/SMB client logic. The flaw is a double free of TCP_Server_Info::hostname during server shutdown in cifs_put_tcp_session(), where cifsd threads reconnect to multiple DFS targets and may still hold server->hostname, risking use-after-free or kernel in...

5.5CVSS7.2AI score0.002EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.7 views

PT-2025-34404

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 6.14.0-rc5-wt-g03960e6f9d47 33 and earlier. Description: A missing lock in the cfg80211 check and end cac function within the Linux kernel's wireless subsystem can lead to issues when callers of wdev chandef do not hold...

5.5CVSS6AI score0.00111EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/09/24 2:39 a.m.8 views

kernel: wifi: ath11k: fix dfs radar event locking

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix dfs radar event locking The ath11k active pdevs are protected by RCU but the DFS radar event handling code calling ath11kmacgetarbypdevid was not marked as a read-side critical section. Mark the code in question...

8.8CVSS6.9AI score0.01EPSS
Exploits0References5
Rows per page
Query Builder