EUVD-2026-32248

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Scsi: sg: Fix slab-use-after-free issue in sgrelease A use-after-free bug was fixed in sgrelease, detected by syzbot with KASAN: Bug: KASAN: Slab-use-after-free in lockrelease+0x151/0xa30 kernel/locking/lockdep.c:5838...

CVE-2022-50767 fbdev: smscufx: Fix several use-after-free bugs

In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: Fix several use-after-free bugs Several types of UAFs can occur when physically removing a USB device. Adds ufxopsdestroy function to .fbdestroy of fbops, and in this function, there is krefput that finally calls...

EUVD-2025-203670

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix incomplete backport in cfidsinvalidationworker The previous commit bdb596ceb4b7 "smb: client: fix potential UAF in smb2closecachedfid" was an incomplete backport and missed one krefput call in...

CVE-2025-68226

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix incomplete backport in cfidsinvalidationworker The previous commit bdb596ceb4b7 "smb: client: fix potential UAF in smb2closecachedfid" was an incomplete backport and missed one krefput call in...

CVE-2025-68226

CVE-2025-68226 concerns a Linux kernel SMB client issue where a backport fix was incomplete: a kref_put() in cfids_invalidation_worker() was not converted to close_cached_dir(), leaving a potential UAF path. Multiple sources (RH, DebianOSV, OSV, NVD/NASL-style citations) describe the resolved vul...

PT-2025-51639

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's SMB client related to an incomplete backport in the cfids invalidation worker function. A previous commit aimed to address a potential use-after-free...

CVE-2025-40328 smb: client: fix potential UAF in smb2_close_cached_fid()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2closecachedfid findorcreatecacheddir could grab a new reference after krefput had seen the refcount drop to zero but before cfidlistlock is acquired in smb2closecachedfid, leading to...

CVE-2025-40328

CVE-2025-40328 : In the Linux kernel, the smb client could suffer a use-after-free in smb2_close_cached_fid() due to a race where a new reference could be grabbed after kref_put() dropped to zero but before cfid_list_lock is acquired. The fix switches to kref_put_lock() so cfid_release() is calle...

CVE-2025-40328 smb: client: fix potential UAF in smb2_close_cached_fid()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2closecachedfid findorcreatecacheddir could grab a new reference after krefput had seen the refcount drop to zero but before cfidlistlock is acquired in smb2closecachedfid, leading to...

Linux Distros Unpatched Vulnerability : CVE-2025-40328

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix potential UAF in smb2closecachedfid findorcreatecacheddir could grab a new reference after krefput had seen the refcount drop to zero but befor...

TencentOS Server 4: kernel (TSSA-2025:0435)

"The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0435 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilitie...

SUSE CVE-2024-56631

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Fix slab-use-after-free read in sgrelease Fix a use-after-free bug in sgrelease, detected by syzbot with KASAN: BUG: KASAN: slab-use-after-free in lockrelease+0x151/0xa30 kernel/locking/lockdep.c:5838...

UBUNTU-CVE-2024-56631

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Fix slab-use-after-free read in sgrelease Fix a use-after-free bug in sgrelease, detected by syzbot with KASAN: BUG: KASAN: slab-use-after-free in lockrelease+0x151/0xa30 kernel/locking/lockdep.c:5838...