165 matches found
UBUNTU-CVE-2025-37750
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694 "smb: client: allocate crypto only for primary server" and commit b0abcd65ec54 "smb: client: fix UAF in async decryption", the channels started reusin...
CVE-2025-37750
CVE-2025-37750: Linux kernel SMB client UAF in decryption with multichannel resolved. After commits f7025d861694 and b0abcd65ec54, multiple cifsd threads could access the AEAD crypto context simultaneously, causing a use-after-free during decryption. The issue triggered KASAN reports (gf128mul_4k...
CVE-2025-37750 smb: client: fix UAF in decryption with multichannel
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694 "smb: client: allocate crypto only for primary server" and commit b0abcd65ec54 "smb: client: fix UAF in async decryption", the channels started reusin...
CVE-2025-37750
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694 "smb: client: allocate crypto only for primary server" and commit b0abcd65ec54 "smb: client: fix UAF in async decryption", the channels started reusin...
CVE-2025-37750 smb: client: fix UAF in decryption with multichannel
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694 "smb: client: allocate crypto only for primary server" and commit b0abcd65ec54 "smb: client: fix UAF in async decryption", the channels started reusin...
Microsoft Azure Bot Framework SDK 授权问题漏洞
The Microsoft Azure Bot Framework SDK is a development framework for building, testing, and deploying enterprise-grade conversational AI bots with support for multi-channel integration and natural language processing from Microsoft USA. An authorization issue vulnerability exists in the Microsoft...
SUSE CVE-2025-22040
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and ksmbdsessionsderegister. The session can be freed before the connection is added to channel list of session. This...
SUSE CVE-2025-22041
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdsessionsderegister In multichannel mode, UAF issue can occur in sessionderegister when the second channel sets up a session through the connection of the first channel. session that is freed...
CVE-2025-22040
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and ksmbdsessionsderegister. The session can be freed before the connection is added to channel list of session. This...
DEBIAN-CVE-2025-22040
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and ksmbdsessionsderegister. The session can be freed before the connection is added to channel list of session. This...
DEBIAN-CVE-2025-22041
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdsessionsderegister In multichannel mode, UAF issue can occur in sessionderegister when the second channel sets up a session through the connection of the first channel. session that is freed...
UBUNTU-CVE-2025-22040
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and ksmbdsessionsderegister. The session can be freed before the connection is added to channel list of session. This...
UBUNTU-CVE-2025-22041
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdsessionsderegister In multichannel mode, UAF issue can occur in sessionderegister when the second channel sets up a session through the connection of the first channel. session that is freed...
CVE-2025-22041 ksmbd: fix use-after-free in ksmbd_sessions_deregister()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdsessionsderegister In multichannel mode, UAF issue can occur in sessionderegister when the second channel sets up a session through the connection of the first channel. session that is freed...
CVE-2025-22041 ksmbd: fix use-after-free in ksmbd_sessions_deregister()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdsessionsderegister In multichannel mode, UAF issue can occur in sessionderegister when the second channel sets up a session through the connection of the first channel. session that is freed...
CVE-2025-22040 ksmbd: fix session use-after-free in multichannel connection
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and ksmbdsessionsderegister. The session can be freed before the connection is added to channel list of session. This...
CVE-2025-22040 ksmbd: fix session use-after-free in multichannel connection
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and ksmbdsessionsderegister. The session can be freed before the connection is added to channel list of session. This...
CVE-2025-22040
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and ksmbdsessionsderegister. The session can be freed before the connection is added to channel list of session. This...
PT-2025-16681
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue can occur in the Linux kernel's ksmbd component, specifically in the ksmbd sessions deregister function. This issue arises in multichannel mode when the second...
SUSE CVE-2024-49988
In the Linux kernel, the following vulnerability has been resolved: ksmbd: add refcnt to ksmbdconn struct When sending an oplock break request, opinfo-conn is used, But freed -conn can be used on multichannel. This patch add a reference count to the ksmbdconn struct so that it can be freed when i...