Linux Distros Unpatched Vulnerability : CVE-2026-31476

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: do not expire session on binding failure When a multichannel session binding request fails e.g. wrong password, the error path unconditionally sets...

CVE-2025-38523

The CVE-2025-38523 issue affects the Linux kernel CIFS client/server path (smbd_recv/smbd_readv) where data copied from the smbd_response slab via copy_to_iter() could trigger kernel memory exposure when CONFIG_HARDENED_USERCOPY is enabled. The root cause is that the smbd_response slab’s packet f...

UBUNTU-CVE-2023-32251

A vulnerability has been identified in the Linux kernel's ksmbd component kernel SMB/CIFS server. A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the...

SUSE CVE-2023-4458

A flaw was found within the parsing of extended attributes in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on...