Lucene search
K

165 matches found

OSV
OSV
added 2025/05/01 1:15 p.m.12 views

UBUNTU-CVE-2025-37750

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694 "smb: client: allocate crypto only for primary server" and commit b0abcd65ec54 "smb: client: fix UAF in async decryption", the channels started reusin...

7.8CVSS6.2AI score0.00158EPSS
Exploits0References19
CVE
CVE
added 2025/05/01 12:55 p.m.141 views

CVE-2025-37750

CVE-2025-37750: Linux kernel SMB client UAF in decryption with multichannel resolved. After commits f7025d861694 and b0abcd65ec54, multiple cifsd threads could access the AEAD crypto context simultaneously, causing a use-after-free during decryption. The issue triggered KASAN reports (gf128mul_4k...

7.8CVSS6.3AI score0.00158EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/05/01 12:55 p.m.11 views

CVE-2025-37750 smb: client: fix UAF in decryption with multichannel

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694 "smb: client: allocate crypto only for primary server" and commit b0abcd65ec54 "smb: client: fix UAF in async decryption", the channels started reusin...

0.00158EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/05/01 12:55 p.m.15 views

CVE-2025-37750

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694 "smb: client: allocate crypto only for primary server" and commit b0abcd65ec54 "smb: client: fix UAF in async decryption", the channels started reusin...

7.8CVSS5.7AI score0.00158EPSS
Exploits0
OSV
OSV
added 2025/05/01 12:55 p.m.7 views

CVE-2025-37750 smb: client: fix UAF in decryption with multichannel

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694 "smb: client: allocate crypto only for primary server" and commit b0abcd65ec54 "smb: client: fix UAF in async decryption", the channels started reusin...

7.8CVSS6AI score0.00158EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/04/30 12:0 a.m.4 views

Microsoft Azure Bot Framework SDK 授权问题漏洞

The Microsoft Azure Bot Framework SDK is a development framework for building, testing, and deploying enterprise-grade conversational AI bots with support for multi-channel integration and natural language processing from Microsoft USA. An authorization issue vulnerability exists in the Microsoft...

9.8CVSS6.3AI score0.00879EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/04/18 11:20 p.m.5 views

SUSE CVE-2025-22040

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and ksmbdsessionsderegister. The session can be freed before the connection is added to channel list of session. This...

8.8CVSS7.6AI score0.00606EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/04/18 11:20 p.m.3 views

SUSE CVE-2025-22041

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdsessionsderegister In multichannel mode, UAF issue can occur in sessionderegister when the second channel sets up a session through the connection of the first channel. session that is freed...

8.8CVSS7.7AI score0.00599EPSS
Exploits0References3
NVD
NVD
added 2025/04/16 3:15 p.m.6 views

CVE-2025-22040

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and ksmbdsessionsderegister. The session can be freed before the connection is added to channel list of session. This...

8.8CVSS0.00606EPSS
Exploits0References7
OSV
OSV
added 2025/04/16 3:15 p.m.3 views

DEBIAN-CVE-2025-22040

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and ksmbdsessionsderegister. The session can be freed before the connection is added to channel list of session. This...

8.8CVSS5.7AI score0.00606EPSS
Exploits0References1
OSV
OSV
added 2025/04/16 3:15 p.m.2 views

DEBIAN-CVE-2025-22041

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdsessionsderegister In multichannel mode, UAF issue can occur in sessionderegister when the second channel sets up a session through the connection of the first channel. session that is freed...

8.8CVSS5.7AI score0.00599EPSS
Exploits0References1
OSV
OSV
added 2025/04/16 3:15 p.m.6 views

UBUNTU-CVE-2025-22040

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and ksmbdsessionsderegister. The session can be freed before the connection is added to channel list of session. This...

8.8CVSS6.2AI score0.00606EPSS
Exploits0References26
OSV
OSV
added 2025/04/16 3:15 p.m.7 views

UBUNTU-CVE-2025-22041

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdsessionsderegister In multichannel mode, UAF issue can occur in sessionderegister when the second channel sets up a session through the connection of the first channel. session that is freed...

8.8CVSS6.2AI score0.00599EPSS
Exploits0References26
Vulnrichment
Vulnrichment
added 2025/04/16 2:11 p.m.12 views

CVE-2025-22041 ksmbd: fix use-after-free in ksmbd_sessions_deregister()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdsessionsderegister In multichannel mode, UAF issue can occur in sessionderegister when the second channel sets up a session through the connection of the first channel. session that is freed...

8.8CVSS7.5AI score0.00599EPSS
Exploits0References6
OSV
OSV
added 2025/04/16 2:11 p.m.8 views

CVE-2025-22041 ksmbd: fix use-after-free in ksmbd_sessions_deregister()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdsessionsderegister In multichannel mode, UAF issue can occur in sessionderegister when the second channel sets up a session through the connection of the first channel. session that is freed...

8.8CVSS6.1AI score0.00599EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2025/04/16 2:11 p.m.16 views

CVE-2025-22040 ksmbd: fix session use-after-free in multichannel connection

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and ksmbdsessionsderegister. The session can be freed before the connection is added to channel list of session. This...

8.8CVSS7.4AI score0.00606EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/04/16 2:11 p.m.18 views

CVE-2025-22040 ksmbd: fix session use-after-free in multichannel connection

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and ksmbdsessionsderegister. The session can be freed before the connection is added to channel list of session. This...

8.8CVSS0.00606EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/04/16 2:11 p.m.4 views

CVE-2025-22040

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and ksmbdsessionsderegister. The session can be freed before the connection is added to channel list of session. This...

8.8CVSS5.7AI score0.00606EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/03/22 12:0 a.m.6 views

PT-2025-16681

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue can occur in the Linux kernel's ksmbd component, specifically in the ksmbd sessions deregister function. This issue arises in multichannel mode when the second...

8.8CVSS7.7AI score0.00599EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/10/29 4:16 a.m.3 views

SUSE CVE-2024-49988

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add refcnt to ksmbdconn struct When sending an oplock break request, opinfo-conn is used, But freed -conn can be used on multichannel. This patch add a reference count to the ksmbdconn struct so that it can be freed when i...

6.7CVSS7.6AI score0.00233EPSS
Exploits0References5
Rows per page
Query Builder