The vulnerability of the ksmbd component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ksmbd component in the Linux operating system’s kernel is related to reading data beyond the allowed buffer size. Exploiting this vulnerability can allow an attacker to cause a service failure...

PT-2025-18458

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue has been resolved in the Linux kernel, specifically in the ksmbd component. The problem occurs when the ksmbd connection is referenced after the ksmbd server threa...

ksmbd: fix integer overflows on 32 bit systems

...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix integer overflows on 32 bit systems On 32bit systems the addition operations in ipcmsgalloc can potentially overflow leading to memory corruption. Add bounds checking using KSMBDIPCMAXPAYLOAD to avoid overflow...

ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp

...

ksmbd: Fix the missing xa_store error check

...

The vulnerability of the ksmbd component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ksmbd component in the Linux operating system’s kernel is related to the assignment of NULL pointers. Exploiting this vulnerability can allow an attacker to cause a service failure...

OESA-2024-1500 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds in initsmb2rsphdr If client send smb2 negotiate request and then send smb1 negotiate request, initsmb2rsphdr is called for smb1 negotiat...

CVE-2024-26811

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate payload size in ipc response If installing malicious ksmbd-tools, ksmbd.mountd can return invalid ipc response to ksmbd kernel server. ksmbd should validate payload size of ipc response from ksmbd.mountd to avoid...

UBUNTU-CVE-2023-52479

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix uaf in smb20oplockbreakack drop reference after use opinfo...

SUSE CVE-2023-52442

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate session id and tree id in compound request smb2getmsg in smb2getksmbdtcon and smb2checkusersession will always return the first request smb2 header in a compound request. if SMB2TREECONNECTHE is the first command ...

CVE-2023-32258

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2LOGOFF and SMB2CLOSE commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this...

AZL-27635 CVE-2023-32252 affecting package hyperv-daemons for versions less than 5.15.145.2-1

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2LOGOFF commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to creat...

AZL-27402 CVE-2023-32254 affecting package kernel for versions less than 5.15.118.1-1

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2TREEDISCONNECT commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this...

The vulnerability of the ksmbd module in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the ksmbd module in Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure using the SMB2LOGOFF command...

Debian: Security Advisory (DLA-108-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux SMB3 Kernel Server (KSMBD) Installed (Linux)

Binary data linuxsmb3kernelserverksmbdlinuxinstalled.nbin...

CVE-2022-41577

The kernel server has a vulnerability of not verifying the length of the data transferred in the user space.Successful exploitation of this vulnerability may cause out-of-bounds read in the kernel, which affects the device confidentiality and availability...

CVE-2022-41577

The kernel server has a vulnerability of not verifying the length of the data transferred in the user space.Successful exploitation of this vulnerability may cause out-of-bounds read in the kernel, which affects the device confidentiality and availability...

Out-of-bounds

The kernel server has a vulnerability of not verifying the length of the data transferred in the user space.Successful exploitation of this vulnerability may cause out-of-bounds read in the kernel, which affects the device confidentiality and availability...