Lucene search
K

10 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fixed a race condition between session lookup and expire operations. Thread A + Thread B ksmbdsessionlookup | smb2sesssetup sess = xaload | | | xaerase&conn-sessions, sess-id; | | ksmbdsessiondestroysess -- kfreesess | //...

7CVSS6.4AI score0.0018EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.4 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-21947)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21947 advisory. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race...

8.1CVSS6.7AI score0.00352EPSS
Exploits0References2
OSV
OSV
added 2025/08/19 5:2 p.m.9 views

CVE-2025-38561 ksmbd: fix Preauh_HashValue race condition

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix PreauhHashValue race condition If client send multiple session setup requests to ksmbd, PreauhHashValue race condition could happen. There is no need to free sess-PreauhHashValue at session setup phase. It can be freed...

8.5CVSS6.1AI score0.00391EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2024-26592

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix UAF issue in ksmbdtcpnewconnection The race is between the handling of a new TCP...

7.8CVSS6.3AI score0.00828EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/25 12:0 a.m.4 views

PT-2024-35633

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between SMB request handling in ksmbd conn handler loop and the freeing of ksmbd conn in the workqueue handler handle ksmbd work. This leads to a use-after-free U...

7.8CVSS6.8AI score0.03558EPSS
Exploits1References92
OSV
OSV
added 2024/02/29 6:15 a.m.3 views

DEBIAN-CVE-2023-52480

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix race condition between session lookup and expire Thread A + Thread B ksmbdsessionlookup | smb2sesssetup sess = xaload | | | xaerase&conn-sessions, sess-id; | | ksmbdsessiondestroysess -- kfreesess | // UAF! |...

7CVSS5.8AI score0.0018EPSS
Exploits0References1
OSV
OSV
added 2024/02/29 6:15 a.m.5 views

UBUNTU-CVE-2023-52480

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix race condition between session lookup and expire Thread A + Thread B ksmbdsessionlookup | smb2sesssetup sess = xaload | | | xaerase&conn-sessions, sess-id; | | ksmbdsessiondestroysess -- kfreesess | // UAF! |...

7CVSS6.2AI score0.0018EPSS
Exploits0References5
OSV
OSV
added 2024/02/15 11:14 p.m.5 views

USN-6626-3 linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15 vulnerabilities

Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-32250, CVE-2023-32252, CVE-2023-32257...

9CVSS6.8AI score0.0406EPSS
Exploits0References11
OSV
OSV
added 2024/02/08 12:9 a.m.7 views

USN-6626-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15 vulnerabilities

Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-32250, CVE-2023-32252, CVE-2023-32257...

9CVSS6.9AI score0.0406EPSS
Exploits0References11
OSV
OSV
added 2023/09/08 10:26 p.m.5 views

USN-6338-2 linux-gcp, linux-gcp-6.2, linux-ibm, linux-oracle, linux-starfive vulnerabilities

Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-21255 It was discovered that a race condition existed in th...

9.8CVSS7AI score0.0406EPSS
Exploits0References12
Rows per page
Query Builder