Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The lock-range check for files with equal size is skipped, to avoid underflow when size == 0. When size equals the current isize including 0, the code that calls checklockrangefilp, isize, size - 1, WRITE will compute size...

SUSE CVE-2026-31611

In the Linux kernel, the following vulnerability has been resolved: ksmbd: require 3 sub-authorities before reading subauth2 parsedacl compares each ACE SID against sidunixNFSmode and on match reads sid.subauth2 as the file mode. If sidunixNFSmode is the prefix S-1-5-88-3 with numsubauth = 2 then...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38092)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38092 advisory. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: use listfirstentryornull for...

AZL-74423 CVE-2025-68809 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed under inconsistent locking: some paths read and modify mflags under...

K000159062: Linux kernel vulnerability CVE-2024-56627

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Out-of-Bounds Read in ksmbdvfsstreamread An offset from client could be a negative value, it could lead to an out-of-bounds read from the streambuf. Note that this issue is coming when...

CVE-2025-40039

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix race condition in RPC handle list access The 'sess-rpchandlelist' XArray manages RPC handles within a ksmbd session. Access to this list is intended to be protected by 'sess-rpclock' an rwsemaphore. However, the lockin...

EUVD-2025-20065

Malicious code in bioql PyPI...

EUVD-2025-13043

Malicious code in bioql PyPI...

EUVD-2024-45139

Malicious code in bioql PyPI...

EUVD-2025-22704

Malicious code in bioql PyPI...

EUVD-2025-11217

Malicious code in bioql PyPI...

EUVD-2025-13199

Malicious code in bioql PyPI...

CVE-2023-53358 ksmbd: fix racy issue under cocurrent smb2 tree disconnect

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue under cocurrent smb2 tree disconnect There is UAF issue under cocurrent smb2 tree disconnect. This patch introduce TREECONNEXPIRE flags for tcon to avoid cocurrent access...

CVE-2025-38437

CVE-2025-38437 : In the Linux kernel, a use-after-free in ksmbd during oplock/lease break ack was fixed. If ksmbd_iov_pin_rsp returns an error, use-after-free can occur by accessing opinfo->state and opinfo_put, and ksmbd_fd_put could be called twice. The vulnerability affects the ksmbd compon...

CVE-2025-38437 ksmbd: fix potential use-after-free in oplock/lease break ack

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potential use-after-free in oplock/lease break ack If ksmbdiovpinrsp return error, use-after-free can happen by accessing opinfo-state and opinfoput and ksmbdfdput could called twice...

CVE-2025-38437

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potential use-after-free in oplock/lease break ack If ksmbdiovpinrsp return error, use-after-free can happen by accessing opinfo-state and opinfoput and ksmbdfdput could called twice...

CVE-2025-38191

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in destroyprevioussession If client set -PreviousSessionId on kerberos session setup stage, NULL pointer dereference error will happen. Since sess-user is not set yet, It can pass the user...

CVE-2025-38092 ksmbd: use list_first_entry_or_null for opinfo_get_list()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use listfirstentryornull for opinfogetlist The listfirstentry macro never returns NULL. If the list is empty then it returns an invalid pointer. Use listfirstentryornull to check if the list is empty...

CVE-2025-37962

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix memory leak in parseleasestate The previous patch that added bounds check for create lease context introduced a memory leak. When the bounds check fails, the function returns NULL without freeing the previously allocat...

CVE-2025-37962

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix memory leak in parseleasestate The previous patch that added bounds check for create lease context introduced a memory leak. When the bounds check fails, the function returns NULL without freeing the previously allocat...