1810 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-45924
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: call ksmbdvfskernpathendremoving on some error paths There are two places where ksmbdvfskernpathendremoving needs to be called in order to balance what t...
CVE-2026-45924
A flaw was found in ksmbd, a component of the Linux kernel. This vulnerability occurs because ksmbdvfskernpathendremoving is not called on certain error paths, leading to unbalanced inode locks and references. This can result in potential deadlocks and unbalanced locks, which may cause system...
EUVD-2026-32390
In the Linux kernel, the following vulnerability has been resolved: ksmbd: call ksmbdvfskernpathendremoving on some error paths There are two places where ksmbdvfskernpathendremoving needs to be called in order to balance what the corresponding successful call to ksmbdvfskernpathstartremoving has...
UBUNTU-CVE-2026-45924
In the Linux kernel, the following vulnerability has been resolved: ksmbd: call ksmbdvfskernpathendremoving on some error paths There are two places where ksmbdvfskernpathendremoving needs to be called in order to balance what the corresponding successful call to ksmbdvfskernpathstartremoving has...
CVE-2026-45924
In the Linux kernel, the following vulnerability has been resolved: ksmbd: call ksmbdvfskernpathendremoving on some error paths There are two places where ksmbdvfskernpathendremoving needs to be called in order to balance what the corresponding successful call to ksmbdvfskernpathstartremoving has...
CVE-2026-45924 ksmbd: call ksmbd_vfs_kern_path_end_removing() on some error paths
In the Linux kernel, the following vulnerability has been resolved: ksmbd: call ksmbdvfskernpathendremoving on some error paths There are two places where ksmbdvfskernpathendremoving needs to be called in order to balance what the corresponding successful call to ksmbdvfskernpathstartremoving has...
CVE-2026-45924
CVE-2026-45924 affects the Linux kernel’s ksmbd integration. The flaw involves missing calls to ksmbd_vfs_kern_path_end_removing() on some error paths, needed to balance the successful ksmbd_vfs_kern_path_start_removing() calls. This can leave locks unbalanced and potentially cause deadlocks (per...
CVE-2026-45924
ksmbd: call ksmbdvfskernpathendremoving on some error paths...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from certain incorrect paths in ksmbd that do not invoke the ksmbdvfskernpathendremoving function. Thi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a resource leak in ksmbdsessionrpcopen. When ksmbdrpcopen fails, it must call ksmbdrpcidfree to undo the results of ksmbdipcidalloc...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a NULL pointer dereferencing issue in smb2getinfofilesystem. If share is provided, share-path will be NULL, which can lead to a NULL pointer dereferencing issue...
Astra Linux - уязвимость в linux-5.15
A vulnerability has been identified in the ksmbd component of the Linux kernel the kernel SMB/CIFS server. A security measure designed to prevent dictionary attacks—which introduces a 5-second delay during session setup—can be bypassed through the use of asynchronous requests. This bypass defeats...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Corrected the incorrect validation of the next buffer length in smb2setea. There are multiple smb2eainfo buffers in the FILEFULLEAINFORMATION request from the client. ksmbd uses the NextEntryOffset of the current...
Astra Linux - уязвимость в linux-5.15
A issue was discovered in the Linux kernel before version 6.3.4. In the fs/ksmbd/connection.c file of ksmbd, there is an off-by-one error in memory allocation due to ksmbdsmb2checkmessage, which may lead to out-of-bounds access...
Astra Linux - уязвимость в linux-5.15
A out-of-bounds memory read flaw was discovered in the parseleasestate function within the KSMBD implementation of the in-kernel Samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command along with a malformed payload to KSMBD, due to a lack of checks on the NameOffset...
Astra Linux - уязвимость в linux-5.15
A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2SESSIONSETUP commands. The issue arises due to the lack of proper locking when performing operations on an object. An attacker can exploit...
Astra Linux - уязвимость в linux-5.15
A issue was discovered in the Linux kernel before version 6.3.8. In the file fs/smb/server/connection.c of ksmbd, the relationship between the length field of the NetBIOS header and the sizes of the SMB headers is not validated, as handled through the pdudsize function in ksmbdconnhandlerloop. Th...
Astra Linux - уязвимость в linux-5.15, linux-6.1
A flaw was discovered in the handling of SMB2 read requests within the kernel’s ksmbd module. The issue arises due to the lack of proper validation of user-provided data, which can lead to reading data beyond the end of an allocated buffer. An attacker can exploit this vulnerability to disclose...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The issue of slub overflow in ksmbddecodentlmsspauthblob has been fixed. If authblob-SessionKey.Length is larger than the size of the session key CIFSKEYSIZE, slub overflow can occur in the key exchange process. The functi...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: a out-of-bounds error in initsmb2rsphdr has been fixed. If a client sends a SMB2 negotiate request and then a SMB1 negotiate request, initsmb2rsphdr is called for the SMB1 negotiate request, since needneg is set to false...