Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an out-of-bounds read in the smb2compoundop function within the smb client. This vulnerability ma...

PT-2026-43861

In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix OOB reads in command file write due to missing size checks The command file write handler allocates a kernel buffer of exactly count bytes and copies user data into it, but does not validate the buffer against the dot...

CVE-2026-45252

When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a given file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated strings. The fusefs kernel...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix an off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value. However, eadata is located at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at...

PT-2026-41713

Name of the Vulnerable Software and Affected Versions NetBSD versions prior to commit ec8451e Description A race condition in the cryptodev op function within the opencrypto subsystem allows local attackers to trigger a double-free condition on SMP Symmetric Multiprocessing systems. This occurs...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the uninitialized payload of NLMSGDONE in the nfnetlinklog, leading to a leak of kernel heap data...

CVE-2026-31705

A flaw was found in the ksmbd component of the Linux kernel. This out-of-bounds write vulnerability occurs when processing Server Message Block SMB extended attribute EA information. Specifically, the smb2getea function performs an unconditional memory write for alignment padding without checking...

CVE-2026-3006

A flaw was found in winfsp. A local attacker could exploit a race condition vulnerability, which may lead to a kernel heap overflow. This could potentially result in local privilege escalation, granting the attacker system-level access to the affected software...

CVE-2026-3006

Successful exploitation of the race condition vulnerability could allow an attacker to trigger a kernel heap overflow, potentially leading to local privilege escalation and granting system-level access to the affected software...

EUVD-2026-25755

Successful exploitation of the race condition vulnerability could allow an attacker to trigger a kernel heap overflow, potentially leading to local privilege escalation and granting system-level access to the affected software...

CVE-2026-3006 Race Condition Vulnerability

Successful exploitation of the race condition vulnerability could allow an attacker to trigger a kernel heap overflow, potentially leading to local privilege escalation and granting system-level access to the affected software...

CVE-2026-3006 Race Condition Vulnerability

Successful exploitation of the race condition vulnerability could allow an attacker to trigger a kernel heap overflow, potentially leading to local privilege escalation and granting system-level access to the affected software...

CVE-2026-3006

CVE-2026-3006 is a race-condition vulnerability whose description states it can allow triggering a kernel heap overflow, potentially enabling local privilege escalation. A PT-Security advisory indicates WinFsp 2026 Beta1 includes an important fix for this vulnerability, recommending upgrading to ...

CVE-2026-3006

Successful exploitation of the race condition vulnerability could allow an attacker to trigger a kernel heap overflow, potentially leading to local privilege escalation and granting system-level access to the affected software...

WinFsp 竞争条件问题漏洞

WinFsp is an open-source file management system developed by WinFsp. WinFsp has a race condition vulnerability, which stems from race conditions. This vulnerability can lead to kernel heap overflows, resulting in local privilege escalation and system-level access...

SUSE CVE-2026-31614

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at offset 0. The...

CVE-2026-31614

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at offset 0. The...

DEBIAN-CVE-2026-31614

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at offset 0. The...

CVE-2026-31614

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at offset 0. The...

CVE-2026-31614 smb: client: fix off-by-8 bounds check in check_wsl_eas()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at offset 0. The...