Astra Linux - уязвимость в linux-5.15

A flaw was discovered in the ksmbd component of the Linux kernel. A deadlock occurs when multiple session setup requests are sent simultaneously, which may lead to a denial of service...

Astra Linux - уязвимость в linux-5.15, linux-6.1

A flaw was discovered in the handling of SMB2 read requests within the kernel’s ksmbd module. The issue arises due to the lack of proper validation of user-provided data, which can lead to reading data beyond the end of an allocated buffer. An attacker can exploit this vulnerability to disclose...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

A flaw was discovered in the parsing of extended attributes in the kernel’s ksmbd module. The issue arises due to the lack of proper validation of user-provided data, which can lead to data being read beyond the end of an allocated buffer. An attacker can exploit this vulnerability to disclose...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ksmbd module’s handling of the QUERYINFOSecurity composite request. This vulnerability may le...

PT-2026-34275

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write exists in ksmbd when processing compound requests, such as READ combined with QUERY INFOSecurity. If the initial command consumes most of the response buffer, ksmb...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

A flaw was found within the parsing of SMB2 requests that have a transform header in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose...

PT-2025-44278

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the ksmbd component. Specifically, the handle response function does not adequately validate the payload size before attempting to read a handle,...

EUVD-2023-54313

Malicious code in bioql PyPI...

EUVD-2023-42911

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-22039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix overflow in dacloffset bounds check The dacloffset field was originally typed as int and used in an unchecked addition, which could overflow and bypa...

Linux Distros Unpatched Vulnerability : CVE-2022-47939

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2TREEDISCONNECT...

PT-2025-33761

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A null pointer dereference error in the generate encryptionkey function within the ksmbd module could occur if a client sends two session setups with Kerberos v5 authentication to ksmb...

PT-2025-29047 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the kernel's ksmbd module where the free transport function for TCP connections can be invoked from smbdirect, potentially leading to a kernel oops. This issue has bee...

PT-2025-27636

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel related to the ksmbd module. The issue involves the use of the list first entry macro, which never returns NULL but instead return...

PT-2025-22208

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.93 Linux kernel versions prior to 6.1.140-1 Debian 11 bullseye Linux kernel versions prior to 6.1.140-1deb11u1 Debian 11 bullseye Description The Linux kernel contains a flaw in the ksmbd module related to...

PT-2025-16677

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference issue in the alloc preauth hash function has been resolved. The issue occurs when a client sends a malformed SMB2 negotiate request, causing the server to retu...

PT-2025-20331

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel related to the ksmbd module. The issue arises when the wait event timeout function sets the state of the current task to TASK...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from incorrect validation of the numaces field of smbacl by the ksmbd module, which could lead to memory allocati...

CVE-2025-21945

CVE-2025-21945 affects the Linux kernel (ksmbd) with a use-after-free in smb2_lock. The issue occurs when smb_lock->zero_len is non-zero, causing the ->llist of smb_lock not to be deleted and the flock to reference a freed object during error handling. This is described in the Azure Linux 3...

PT-2025-16714

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a mismatch in the increment and decrement of r count in the ksmbd module. This mismatch occurs because r count is only increased when there is an oplock break wai...