44 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: smb/server: fixed a potential null-ptr-deref of leasectxinfo in smb2open A null-ptr-deref will occur when reqoplevel == SMB2OPLOCKLEVELLEASE and parseleasestate returns NULL. This issue can be fixed by checking whether...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: smb/server: Fixed the refcount leak in parsedurablehandlecontext. When the command is a replay operation and -ENOEXEC is returned, the refcount of ksmbdfile must be released...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Added a bounds check for the durable handle context. A missing bounds check was added for the durable handle context...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Validates the owner of the durable handle upon reconnection. Currently, ksmbd does not verify whether the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any...
Exploit for CVE-2026-31717
CVE-2026-31717: ksmbd DHnC Durable-Handle Reconnect Access-Con...
SUSE CVE-2026-31717
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to...
Linux Distros Unpatched Vulnerability : CVE-2026-31717
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user w...
CVE-2026-31717
A flaw was found in ksmbd, a component of the Linux kernel. This vulnerability allows an authenticated user to hijack an orphaned durable handle by predicting or brute-forcing its persistent ID. This could lead to unauthorized access to file sessions and potentially sensitive data or services...
CVE-2026-31717
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to...
CVE-2026-31717
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to...
CVE-2026-31717
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to...
CVE-2026-31717 ksmbd: validate owner of durable handle on reconnect
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to...
EUVD-2026-26526
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to...
CVE-2026-31717
In the Linux kernel ksmbd, a vulnerability allows an authenticated user to hijack an orphaned durable handle by reconnecting with a different security context. The issue stems from ksmbd not verifying that the requester’s SecurityContext matches the original opener when a durable handle is reconn...
PT-2026-36347
Name of the Vulnerable Software and Affected Versions Linux kernel ksmbd affected versions not specified Description The ksmbd SMB server fails to verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows an authenticated user to...
PT-2026-36348
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ksmbd module of the Linux kernel. When a durable file handle persists after a session disconnect TCP close without SMB2 LOGOFF, the session fd check...
CVE-2025-71204
A reference count leak flaw was found in the Linux kernel's ksmbd in-kernel SMB server. In the parsedurablehandlecontext function, when a command is detected as a replay operation and returns -ENOEXEC, the reference count of the ksmbdfile structure is not properly released. This leads to a resour...
SUSE CVE-2025-71204
In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in parsedurablehandlecontext When the command is a replay operation and -ENOEXEC is returned, the refcount of ksmbdfile must be released...
CVE-2025-71204
In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in parsedurablehandlecontext When the command is a replay operation and -ENOEXEC is returned, the refcount of ksmbdfile must be released...
UBUNTU-CVE-2025-71204
In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in parsedurablehandlecontext When the command is a replay operation and -ENOEXEC is returned, the refcount of ksmbdfile must be released...