CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

78 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The UAF issue in ksmbdtcpnewconnection has been fixed. The race that occurs is between the process of handling a new TCP connection and its disconnection. This causes a UAF error in the struct tcptransport structure within...

7.8CVSS6.3AI score0.00039EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: The issue related to “slab-use-after-free” in smb3preauthhashrsp has been fixed. The function ksmbdusersessionput should be called within smb3preauthhashrsp. This will prevent the session from being freed before calling...

7.8CVSS6.5AI score0.00016EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: A potential out-of-bounds error has been fixed when the buffer offset is invalid. I identified a potential out-of-bounds situation when the buffer offset fields of several requests are invalid. This patch sets the minimum...

8.1CVSS6.3AI score0.00031EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed a use-after-free issue in Kerberos authentication. The introduction of sess-user = NULL was necessary to fix the dangling pointer created by ksmbdfreeuser. However, it is possible that another thread might be...

9.8CVSS6.3AI score0.00266EPSS

Exploits0References2

UbuntuCve•added 2026/05/08 3:16 p.m.•3 views

CVE-2026-43379

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smblazyparentleasebreakclose opinfo pointer obtained via rcudereferencefp-fopinfo is being accessed after rcureadunlock has been called. This creates a race condition where the memory could be freed b...

9.8CVSS5.7AI score0.0006EPSS

Exploits0References7

CVE•added 2026/05/08 2:21 p.m.•8 views

CVE-2026-43379

CVE-2026-43379 affects ksmbd (Linux kernel) with a use-after-free in smb_lazy_parent_lease_break_close. The opinfo pointer obtained via rcu_dereference(fp->f_opinfo) is accessed after rcu_read_unlock(), creating a race where the memory could be freed by a concurrent writer before subsequent de...

9.8CVSS5.7AI score0.0006EPSS

Exploits0References5Affected Software1

Debian CVE•added 2026/05/08 2:21 p.m.•5 views

CVE-2026-43379

9.8CVSS5.7AI score0.0006EPSS

Exploits0

RedhatCVE•added 2026/05/06 8:47 p.m.•2 views

CVE-2026-43185

A flaw was found in ksmbd within the Linux kernel. A remote attacker can exploit a signedness bug in the smbdirectpreparenegotiation function by sending a specially crafted preferredsendsize value during SMB direct negotiation. This manipulation leads to an incorrect size calculation, allowing a...

9.8CVSS6.4AI score0.00053EPSS

Exploits0References4

Debian CVE•added 2026/05/06 11:27 a.m.•3 views

CVE-2026-43185

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix signededness bug in smbdirectpreparenegotiation smbdirectpreparenegotiation casts an unsigned u32 value from sp-maxrecvsize and req-preferredsendsize to a signed int before computing mintint, .... A maliciously provide...

9.8CVSS6AI score0.00053EPSS

Exploits0

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux-5.15, linux-6.1

A use-after-free flaw was discovered in the setupasyncwork function in the KSMBD implementation of the in-kernel Samba server and CIFS services in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed resources...

6.5CVSS6.6AI score0.00067EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•8 views

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: A possible reference count leak in smb2open has been fixed. The reference count of ACLs will cause a leak when memory allocation fails. This issue has been addressed by adding the missing posixaclrelease function...

5.5CVSS5.7AI score0.00065EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•9 views

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix reference count leak in smbcheckpermdacl The issue happens in a specific path in smbcheckpermdacl. When "id" and "uid" have the same value, the function simply jumps out of the loop without decrementing the reference...

5.5CVSS5.9AI score0.00143EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed under inconsistent locking: some paths read and modify mflags under...

5.6AI score0.00034EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: A null pointer dereference issue in destroyprevioussession has been fixed. If the -PreviousSessionId is set during the Kerberos session setup phase, a null pointer dereference error may occur. Since sess-user is not set ye...

5.5CVSS5.9AI score0.00076EPSS

Exploits0References2

Tenable Nessus•added 2026/05/02 12:0 a.m.•0 views

Linux Distros Unpatched Vulnerability : CVE-2026-31704

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: use checkaddoverflow to prevent u16 DACL size overflow setposixaclentriesdacl and setntacldacl accumulate ACE sizes in u16 variables. When a file has man...

5.5CVSS5.9AI score0.00015EPSS

Exploits0References3

NVD•added 2026/05/01 2:16 p.m.•2 views

CVE-2026-31718

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdclosefd via durable scavenger When a durable file handle survives session disconnect TCP close without SMB2LOGOFF, sessionfdcheck sets fp-conn = NULL to preserve the handle for later reconnection...

9.8CVSS0.00066EPSS

Exploits0References5

ATTACKERKB•added 2026/05/01 1:56 p.m.•3 views

CVE-2026-31718

9.8CVSS5.7AI score0.00066EPSS

Exploits0References6Affected Software1

CVE•added 2026/05/01 1:56 p.m.•5 views

CVE-2026-31711

CVE-2026-31711 concerns the Linux kernel ksmbd server where a leak of active_num_conn occurs during transport allocation failure. The issue lets an unauthenticated remote attacker exacerbate memory pressure by holding connections with large RFC1002 lengths, causing the max_connections pool to be ...

7.5CVSS5.8AI score0.00383EPSS

Exploits0References6Affected Software1

EUVD•added 2026/05/01 1:56 p.m.•1 views

EUVD-2026-26515

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate numaces and harden ACE walk in smbinheritdacl smbinheritdacl trusts the on-disk numaces value from the parent directory's DACL xattr and uses it to size a heap allocation: acesbase = kmallocsizeofstruct smbace...

6AI score0.00056EPSS

Exploits0References4