Lucene search
K

59 matches found

Microsoft CVE
Microsoft CVE
added 2026/01/15 9:6 a.m.7 views

ksmbd: skip lock-range check on equal size to avoid size==0 underflow

...

5.4AI score0.00168EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/15 3:18 a.m.7 views

CVE-2025-68809

In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed under inconsistent locking: some paths read and modify mflags under...

5.7AI score0.00168EPSS
Exploits0References4
OSV
OSV
added 2026/01/13 4:16 p.m.6 views

UBUNTU-CVE-2025-68817

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdtreeconnectput under concurrency Under high concurrency, A tree-connection object tcon is freed on a disconnect path while another path still holds a reference and later executes put/write on it...

7.8CVSS5.7AI score0.00159EPSS
Exploits0References41
SUSE CVE
SUSE CVE
added 2025/12/31 12:27 a.m.6 views

SUSE CVE-2023-54250

In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decodepreauthctxt Confirm that the accessed pnegctxt-HashAlgorithms address sits within the SMB request boundary; deassemblenegcontexts only checks that the eight byte smb2negcontext header +...

6.6AI score0.00168EPSS
Exploits0References3
OSV
OSV
added 2025/12/16 3:15 p.m.5 views

UBUNTU-CVE-2025-68246

In the Linux kernel, the following vulnerability has been resolved: ksmbd: close accepted socket when per-IP limit rejects connection When the per-IP connection limit is exceeded in ksmbdkthreadfn, the code sets ret = -EAGAIN and continues the accept loop without closing the just-accepted socket...

5.8AI score0.00156EPSS
Exploits0References23
Microsoft CVE
Microsoft CVE
added 2025/10/29 1:3 a.m.6 views

ksmbd: Fix race condition in RPC handle list access

...

4.7CVSS7AI score0.00124EPSS
Exploits0
Cvelist
Cvelist
added 2025/10/04 7:31 a.m.12 views

CVE-2025-39942 ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_size

In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: verify remainingdatalength respects maxfragmentedrecvsize This is inspired by the check for dataoffset + datalength...

0.00136EPSS
Exploits0References5
CVE
CVE
added 2025/09/18 1:33 p.m.31 views

CVE-2023-53399

CVE-2023-53399 affects the Linux kernel’s ksmbd component, specifically a NULL pointer dereference in smb2_get_info_filesystem(). The issue occurs when share is present but share->path is NULL, which can trigger a crash. The connected sources consistently describe the vulnerability as resolved...

5.5CVSS6.2AI score0.00135EPSS
Exploits0References5Affected Software1
Microsoft CVE
Microsoft CVE
added 2025/09/06 8:11 a.m.6 views

smb3: fix for slab out of bounds on mount to ksmbd

...

7.1CVSS6.8AI score0.0014EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 2:38 a.m.6 views

ksmbd: fix overflow in dacloffset bounds check

...

7.1CVSS6.8AI score0.00257EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/08/19 11:23 p.m.4 views

SUSE CVE-2025-38562

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference error in generateencryptionkey If client send two session setups with krb5 authenticate to ksmbd, null pointer dereference error in generateencryptionkey could happen. sess-PreauthHashValue is...

5.5CVSS6.3AI score0.07142EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/08/19 5:2 p.m.10 views

CVE-2025-38562 ksmbd: fix null pointer dereference error in generate_encryptionkey

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference error in generateencryptionkey If client send two session setups with krb5 authenticate to ksmbd, null pointer dereference error in generateencryptionkey could happen. sess-PreauthHashValue is...

0.07142EPSS
Exploits0References8
OSV
OSV
added 2025/08/16 2:15 p.m.4 views

DEBIAN-CVE-2023-3866

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate session id and tree id in the compound request This patch validate session id and tree id in compound request. If first operation in the compound is SMB2 ECHO request, ksmbd bypass session and tree validation. So...

5.5CVSS5.5AI score0.14332EPSS
Exploits0References1
OSV
OSV
added 2025/08/16 6:15 a.m.4 views

UBUNTU-CVE-2025-38501

In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated connections from clients with the same IP Repeated connections from clients with the same IP address may exhaust the max connections and prevent other normal client connections. This patch limit repeated...

7.5CVSS5.9AI score0.02113EPSS
Exploits1References31
OSV
OSV
added 2025/07/25 4:15 p.m.3 views

DEBIAN-CVE-2025-38437

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potential use-after-free in oplock/lease break ack If ksmbdiovpinrsp return error, use-after-free can happen by accessing opinfo-state and opinfoput and ksmbdfdput could called twice...

7.8CVSS6.2AI score0.00151EPSS
Exploits0References1
OSV
OSV
added 2025/05/20 4:15 p.m.2 views

UBUNTU-CVE-2025-37947

In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent out-of-bounds stream writes by validating pos ksmbdvfsstreamwrite did not validate whether the write offset pos was within the bounds of the existing stream data length vlen. If pos was greater than or equal to vle...

7.8CVSS6.2AI score0.00204EPSS
Exploits1References27
Vulnrichment
Vulnrichment
added 2025/05/20 4:1 p.m.4 views

CVE-2025-37947 ksmbd: prevent out-of-bounds stream writes by validating *pos

In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent out-of-bounds stream writes by validating pos ksmbdvfsstreamwrite did not validate whether the write offset pos was within the bounds of the existing stream data length vlen. If pos was greater than or equal to vle...

6.1AI score0.00204EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.5 views

kernel: smb: client: fix TCP timers deadlock after rmmod

REJECTED CVE A vulnerability was suspected in the Linux kernel's SMB client module related to TCP timers and potential deadlocks after module removal rmmod cifs. The issue stemmed from incorrect manual manipulation of sk-sknetrefcnt, which led to TCP timers not being properly cleared, causing...

7.2AI score
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.3 views

ksmbd: fix type confusion via race condition when using ipc_msg_send_request

...

8.1CVSS7.2AI score0.00352EPSS
Exploits0
OSV
OSV
added 2025/05/01 2:15 p.m.3 views

UBUNTU-CVE-2025-37778

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix dangling pointer in krbauthenticate krbauthenticate frees sess-user and does not set the pointer to NULL. It calls ksmbdkrb5authenticate to reinitialise sess-user but that function may return without doing so. If that...

7.8CVSS6.2AI score0.00485EPSS
Exploits0References29
Rows per page
Query Builder