248 matches found
CVE-2023-53052
In the Linux kernel, the following vulnerability has been resolved: cifs: fix use-after-free bug in refreshcacheworker The UAF bug occurred because we were putting DFS root sessions in cifsumount while DFS cache refresher was being executed. Make DFS root sessions have same lifetime as DFS tcons ...
CVE-2023-53052
In the Linux kernel, the following vulnerability has been resolved: cifs: fix use-after-free bug in refreshcacheworker The UAF bug occurred because we were putting DFS root sessions in cifsumount while DFS cache refresher was being executed. Make DFS root sessions have same lifetime as DFS tcons ...
CVE-2023-53052 cifs: fix use-after-free bug in refresh_cache_worker()
In the Linux kernel, the following vulnerability has been resolved: cifs: fix use-after-free bug in refreshcacheworker The UAF bug occurred because we were putting DFS root sessions in cifsumount while DFS cache refresher was being executed. Make DFS root sessions have same lifetime as DFS tcons ...
CVE-2023-53052 cifs: fix use-after-free bug in refresh_cache_worker()
In the Linux kernel, the following vulnerability has been resolved: cifs: fix use-after-free bug in refreshcacheworker The UAF bug occurred because we were putting DFS root sessions in cifsumount while DFS cache refresher was being executed. Make DFS root sessions have same lifetime as DFS tcons ...
CVE-2023-53052
CVE-2023-53052 is a Linux kernel vulnerability in the CIFS/DFS codebase, where a use-after-free (UAF) bug occurred when DFS root sessions were kept alive in cifs_umount() during the DFS cache refresher. The fix makes DFS root sessions have the same lifetime as DFS tcons to prevent IPCs from acces...
Huawei HarmonyOS Path Traversal Vulnerability
Huawei HarmonyOS is an operating system from the Chinese company Huawei. Huawei HarmonyOS suffers from a path traversal vulnerability that stems from a security issue in the DFS module, no details of the vulnerability are available at this time...
CVE-2025-31174
Path traversal vulnerability in the DFS module Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-31174
Path traversal vulnerability in the DFS module Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-31174
Path traversal vulnerability in the DFS module Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-31174
CVE-2025-31174 is a path traversal vulnerability reported in Huawei HarmonyOS in the DFS module. The available documents identify the affected component as the DFS module of HarmonyOS and describe the impact as potential exposure of service confidentiality. No concrete exploit details, affected v...
CVE-2025-31174
Path traversal vulnerability in the DFS module Impact: Successful exploitation of this vulnerability may affect service confidentiality...
PT-2025-15181 · Huawei · Harmonyos
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A path traversal vulnerability exists in the DFS module. Successful exploitation of this issue may affect service confidentiality. Recommendations: At the moment, there is no information abo...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from the Chinese company Huawei. Huawei HarmonyOS suffers from a path traversal vulnerability that stems from a security issue in the DFS module, no details of the vulnerability are available at this time...
UBUNTU-CVE-2023-52987
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sofipc4prioritymaskdfswrite The "id" comes from the user. Change the type to unsigned to prevent an array underflow...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible array underflow in the sofipc4prioritymaskdfswrite function of the ASoC SOF component...
CVE-2021-35088
Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure...
CVE-2025-21673
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double free of TCPServerInfo::hostname When shutting down the server in cifsputtcpsession, cifsd thread might be reconnecting to multiple DFS targets before it realizes it should exit the loop, so @server-hostnam...
CVE-2025-21673
CVE-2025-21673 affects the Linux kernel CIFS/SMB client logic. The flaw is a double free of TCP_Server_Info::hostname during server shutdown in cifs_put_tcp_session(), where cifsd threads reconnect to multiple DFS targets and may still hold server->hostname, risking use-after-free or kernel in...
PT-2025-34404
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 6.14.0-rc5-wt-g03960e6f9d47 33 and earlier. Description: A missing lock in the cfg80211 check and end cac function within the Linux kernel's wireless subsystem can lead to issues when callers of wdev chandef do not hold...
kernel: wifi: ath11k: fix dfs radar event locking
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix dfs radar event locking The ath11k active pdevs are protected by RCU but the DFS radar event handling code calling ath11kmacgetarbypdevid was not marked as a read-side critical section. Mark the code in question...