Azure Linux 3.0 Security Update: kernel (CVE-2024-49988)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49988 advisory. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: add refcnt to ksmbdconn struct Wh...

EUVD-2025-9365

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-21955

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: prevent connection release during oplock break notification ksmbdwork could be freed when after connection release. Increment rcount of ksmbdconn to...

DEBIAN-CVE-2025-38325

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add freetransport ops in ksmbd connection freetransport function for tcp connection can be called from smbdirect. It will cause kernel oops. This patch add freetransport ops in ksmbd connection, and add each freetransports...

CVE-2025-38325 ksmbd: add free_transport ops in ksmbd connection

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add freetransport ops in ksmbd connection freetransport function for tcp connection can be called from smbdirect. It will cause kernel oops. This patch add freetransport ops in ksmbd connection, and add each freetransports...

CVE-2025-38325

The CVE-2025-38325 entry covers a Linux kernel issue in the ksmbd subsystem. The vulnerability arises because the free_transport function for a TCP connection could be invoked via the smbdirect path, potentially triggering a kernel oops. The published patch adds free_transport ops to the ksmbd co...

CVE-2025-38325 ksmbd: add free_transport ops in ksmbd connection

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add freetransport ops in ksmbd connection freetransport function for tcp connection can be called from smbdirect. It will cause kernel oops. This patch add freetransport ops in ksmbd connection, and add each freetransports...

CVE-2025-38325

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add freetransport ops in ksmbd connection freetransport function for tcp connection can be called from smbdirect. It will cause kernel oops. This patch add freetransport ops in ksmbd connection, and add each freetransports...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the lack of a freetransport operation in the ksmbd connection, which could cause the kernel to crash...

CVE-2025-37777

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb2leasebreaknoti Move tcptransport free to ksmbdconnfree. If ksmbd connection is referenced when ksmbd server thread terminates, It will not be freed, but conn-tcptransport is freed...

CVE-2025-21955

In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent connection release during oplock break notification ksmbdwork could be freed when after connection release. Increment rcount of ksmbdconn to indicate that requests are not finished yet and to not release the...

Linux Distros Unpatched Vulnerability : CVE-2024-49988

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: add refcnt to ksmbdconn struct When sending an oplock break request, opinfo-conn is used, But freed -conn can be used on multichannel. This patch add a...

PT-2025-36314

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A reference count leak exists in ksmbd when ksmbd conn releasingopinfo-conn returns true. This leak prevents the reference count from reaching zero, hindering memory release...

SUSE CVE-2024-49988

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add refcnt to ksmbdconn struct When sending an oplock break request, opinfo-conn is used, But freed -conn can be used on multichannel. This patch add a reference count to the ksmbdconn struct so that it can be freed when i...

AZL-51771 CVE-2024-49988 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add refcnt to ksmbdconn struct When sending an oplock break request, opinfo-conn is used, But freed -conn can be used on multichannel. This patch add a reference count to the ksmbdconn struct so that it can be freed when i...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a reference counting problem in the ksmbdconn structure in the ksmbd subsystem...

DEBIAN-CVE-2024-26592

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix UAF issue in ksmbdtcpnewconnection The race is between the handling of a new TCP connection and its disconnection. It leads to UAF on struct tcptransport in ksmbdtcpnewconnection function...

An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an off-by-one error in memory allocation (because of ksmbd_smb2_check_message) that may lead to out-of-bounds access.

...

DEBIAN-CVE-2023-38429

An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an off-by-one error in memory allocation because of ksmbdsmb2checkmessage that may lead to out-of-bounds access...