Lucene search
K

6 matches found

RedHat Linux
RedHat Linux
added 2026/06/29 7:55 p.m.3 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

7.8CVSS5.8AI score0.00353EPSS
Exploits4References7
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-31476

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: do not expire session on binding failure When a multichannel session binding request fails e.g. wrong password, the error path unconditionally sets...

8.2CVSS7.2AI score0.00499EPSS
Exploits0References2
CVE
CVE
added 2025/08/16 11:12 a.m.42 views

CVE-2025-38523

The CVE-2025-38523 issue affects the Linux kernel CIFS client/server path (smbd_recv/smbd_readv) where data copied from the smbd_response slab via copy_to_iter() could trigger kernel memory exposure when CONFIG_HARDENED_USERCOPY is enabled. The root cause is that the smbd_response slab’s packet f...

5.5CVSS6.8AI score0.00143EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/07/31 9:15 p.m.5 views

UBUNTU-CVE-2023-32251

A vulnerability has been identified in the Linux kernel's ksmbd component kernel SMB/CIFS server. A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the...

3.7CVSS5.8AI score0.00433EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/06/12 3:33 a.m.5 views

SUSE CVE-2023-4458

A flaw was found within the parsing of extended attributes in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on...

7.5CVSS8.1AI score0.00833EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/05/30 12:0 a.m.8 views

The vulnerability of the cifs_signal_cifsd_for_reconnect() function in the Linux kernel’s SMB client implementation allows a hacker to cause a service failure.

The vulnerability of the cifssignalcifsdforreconnect function in the fs/smb/client/connect.c module of the SMB protocol client implementation in Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a service failur...

5.5CVSS6.6AI score0.00241EPSS
Exploits0References14Affected Software4
Rows per page
Query Builder