Lucene search
K

34 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 12:17 a.m.9 views

CVE-2026-53198

A flaw was found in ksmbd, a Linux kernel module that provides an in-kernel SMB server. An authenticated SMB client can trigger a use-after-free vulnerability by sending a double SMB2CANCEL request for the same asynchronous operation. This can lead to memory corruption, potentially allowing an...

8.8CVSS6.1AI score0.00466EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

A issue was discovered in ksmbd within the Linux kernel versions 5.15 through 5.19, prior to 5.19.2. The file fs/ksmbd/smb2misc.c contains an out-of-bounds read and an OOPS error related to the SMB2TREECONNECT function...

6.5CVSS6.8AI score0.58461EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2SESSIONSETUP commands. The issue arises due to the lack of proper locking when performing operations on an object. An attacker can exploit...

9CVSS6.8AI score0.02593EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2TREEDISCONNECT commands. The issue arises due to the lack of proper locking when performing operations on an object. An attacker can exploit...

9.8CVSS6.8AI score0.02937EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw occurs during the handling of SMB2LOGOFF commands. The issue arises from the lack of proper validation of a pointer before accessing it. An attacker can exploit this...

7.5CVSS6.5AI score0.0406EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw resides in the handling of SMB2SESSIONSETUP commands. The problem arises due to a lack of control over resource consumption. An attacker can exploit this vulnerability to...

7.5CVSS6.7AI score0.03872EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/08 9:12 p.m.14 views

CVE-2026-43377

A flaw was found in ksmbd in the Linux kernel. When KSMBDDEBUGAUTH logging is enabled, sensitive session, signing, encryption, and decryption key bytes are logged. This can lead to information disclosure, potentially exposing user credentials...

8.1CVSS5.8AI score0.00248EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-31718

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdclosefd via durable scavenger When a durable file handle...

9.8CVSS6.5AI score0.00356EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/25 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-31610

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix mechToken leak when SPNEGO decode fails after token alloc The kernel ASN.1 BER decoder calls action callbacks incrementally as it walks the input...

5.5CVSS6.2AI score0.00136EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/24 8:33 p.m.7 views

CVE-2026-31610

A flaw was found in ksmbd, a component of the Linux kernel. A remote, unauthenticated attacker could exploit a flaw in the SPNEGO Simple and Protected GSSAPI Negotiation Mechanism decode process. This could lead to a memory leak, potentially causing a Denial of Service DoS on the affected system...

5.5CVSS5.3AI score0.00136EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/22 6:35 p.m.8 views

CVE-2026-31477

A flaw was found in ksmbd in the Linux kernel. Error handling issues within the smb2lock function can lead to memory leaks. Additionally, an allocation failure in smbflockinit can result in a NULL pointer dereference, causing the kernel to crash. This vulnerability could allow a local attacker to...

7.5CVSS5.7AI score0.00479EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010701)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010701 advisory. An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2TREECONNECT...

6.5CVSS6.8AI score0.58461EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-68806

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix buffer validation by including null terminator size in EA length The smb2setea function, which handles Extended Attributes EA, was performing buffer...

6.1AI score0.00168EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2023-32256

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a...

7.5CVSS6.9AI score0.00526EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/16 12:0 a.m.4 views

PT-2025-33536

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in ksmbd where repeated connections from clients using the same IP address can exhaust connection limits, potentially preventing legitimate client...

7.5CVSS5.8AI score0.02113EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2022-47940

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case in...

8.1CVSS6.4AI score0.01393EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-32258

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2LOGOFF and SMB2CLOS...

8.1CVSS6.9AI score0.02515EPSS
Exploits0References2
OSV
OSV
added 2024/01/23 11:15 a.m.5 views

UBUNTU-CVE-2024-22705

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2getdataarealen in fs/smb/server/smb2misc.c can cause an smbstrndupfromutf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled...

7.8CVSS6.8AI score0.00252EPSS
Exploits0References9
OSV
OSV
added 2023/11/01 8:15 p.m.6 views

CVE-2023-1193

A use-after-free flaw was found in setupasyncwork in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed work...

6.5CVSS6.6AI score0.01047EPSS
Exploits0References3
OSV
OSV
added 2023/07/24 4:15 p.m.12 views

AZL-27640 CVE-2023-32258 affecting package hyperv-daemons for versions less than 5.15.145.2-1

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2LOGOFF and SMB2CLOSE commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this...

8.1CVSS6.9AI score0.02515EPSS
Exploits0References1
Rows per page
Query Builder