Lucene search
+L

87 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53198

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on...

8.8CVSS5.8AI score0.00466EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 8:39 a.m.7 views

EUVD-2026-39289

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on conn-asyncrequests via setupasyncwork, with cancelfn = smb2removeblockedlock and...

5.7AI score0.00466EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: In the vfs module, a race condition occurred regarding the mFlags field. ksmbd maintains states such as “delete-on-close” and “pending-delete” in the mFlags field of the ksmbdinode structure. In the vfscache.c code, thi...

5.9AI score0.00168EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-52944

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix FSCTL permission bypass by adding a permission check for FSCTLSETSPARSE FSCTLSETSPARSE in fsctlsetsparse modifies the file's sparse attribute and sav...

5.5CVSS6.1AI score0.00121EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-52911

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: scope conn-binding slowpath to bound sessions only When the binding SESSIONSETUP sets conn-binding = true, the flag stays set after the call so that the...

8.8CVSS6AI score0.00362EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

A use-after-free flaw was discovered in the setupasyncwork function in the KSMBD implementation of the in-kernel Samba server and CIFS services in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed resources...

6.5CVSS6.5AI score0.01047EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The UAF issue in ksmbdtcpnewconnection has been fixed. The race that occurs is between the process of handling a new TCP connection and its disconnection. This causes a UAF error in the struct tcptransport structure within...

7.8CVSS6AI score0.00828EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: A possible reference count leak in smb2open has been fixed. The reference count of ACLs will cause a leak when memory allocation fails. This issue has been addressed by adding the missing posixaclrelease function...

5.5CVSS5.5AI score0.00165EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The reference count leak in smbcheckpermdacl has been fixed. The issue occurs in a specific part of smbcheckpermdacl. When “id” and “uid” have the same value, the function simply jumps out of the loop without decrementing...

5.5CVSS5.9AI score0.00245EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: It is required that 3 sub-authorities are present before reading subauth2. parsedacl compares each ACE SID against sidunixNFSmode. When a match is found, it reads sid.subauth2 as the file mode. If sidunixNFSmode represents...

8.6CVSS6AI score0.00366EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.11 views

CVE-2026-43379

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smblazyparentleasebreakclose opinfo pointer obtained via rcudereferencefp-fopinfo is being accessed after rcureadunlock has been called. This creates a race condition where the memory could be freed b...

9.8CVSS5.7AI score0.00444EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/05/08 2:21 p.m.12 views

CVE-2026-43379

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smblazyparentleasebreakclose opinfo pointer obtained via rcudereferencefp-fopinfo is being accessed after rcureadunlock has been called. This creates a race condition where the memory could be freed b...

9.8CVSS5.7AI score0.00444EPSS
Exploits0
CVE
CVE
added 2026/05/08 2:21 p.m.29 views

CVE-2026-43379

CVE-2026-43379 affects ksmbd (Linux kernel) with a use-after-free in smb_lazy_parent_lease_break_close. The opinfo pointer obtained via rcu_dereference(fp->f_opinfo) is accessed after rcu_read_unlock(), creating a race where the memory could be freed by a concurrent writer before subsequent de...

9.8CVSS5.7AI score0.00444EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/06 8:47 p.m.19 views

CVE-2026-43185

A flaw was found in ksmbd within the Linux kernel. A remote attacker can exploit a signedness bug in the smbdirectpreparenegotiation function by sending a specially crafted preferredsendsize value during SMB direct negotiation. This manipulation leads to an incorrect size calculation, allowing a...

9.8CVSS6.4AI score0.00622EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/05/06 11:27 a.m.6 views

CVE-2026-43185

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix signededness bug in smbdirectpreparenegotiation smbdirectpreparenegotiation casts an unsigned u32 value from sp-maxrecvsize and req-preferredsendsize to a signed int before computing mintint, .... A maliciously provide...

9.8CVSS6AI score0.00622EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-31704

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: use checkaddoverflow to prevent u16 DACL size overflow setposixaclentriesdacl and setntacldacl accumulate ACE sizes in u16 variables. When a file has man...

5.5CVSS6.2AI score0.00117EPSS
Exploits0References2
NVD
NVD
added 2026/05/01 2:16 p.m.11 views

CVE-2026-31718

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdclosefd via durable scavenger When a durable file handle survives session disconnect TCP close without SMB2LOGOFF, sessionfdcheck sets fp-conn = NULL to preserve the handle for later reconnection...

9.8CVSS0.00356EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/01 1:56 p.m.10 views

CVE-2026-31718

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdclosefd via durable scavenger When a durable file handle survives session disconnect TCP close without SMB2LOGOFF, sessionfdcheck sets fp-conn = NULL to preserve the handle for later reconnection...

9.8CVSS5.7AI score0.00356EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/05/01 1:56 p.m.28 views

CVE-2026-31711

CVE-2026-31711 concerns the Linux kernel ksmbd server where a leak of active_num_conn occurs during transport allocation failure. The issue lets an unauthenticated remote attacker exacerbate memory pressure by holding connections with large RFC1002 lengths, causing the max_connections pool to be ...

7.5CVSS5.8AI score0.00542EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 2026/05/01 1:56 p.m.9 views

EUVD-2026-26515

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate numaces and harden ACE walk in smbinheritdacl smbinheritdacl trusts the on-disk numaces value from the parent directory's DACL xattr and uses it to size a heap allocation: acesbase = kmallocsizeofstruct smbace...

6AI score0.00369EPSS
Exploits0References4
Rows per page
Query Builder