Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: smb/server: fixed a potential null-ptr-deref of leasectxinfo in smb2open A null-ptr-deref will occur when reqoplevel == SMB2OPLOCKLEVELLEASE and parseleasestate returns NULL. This issue can be fixed by checking whether...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: A memory leak was fixed in the parseleasestate function. The previous patch that added a bounds check for the create lease context introduced a memory leak. When the bounds check fails, the function returns NULL without...

Linux Distros Unpatched Vulnerability : CVE-2023-1194

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds OOB memory read flaw was found in parseleasestate in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When ...

SUSE CVE-2025-37962

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix memory leak in parseleasestate The previous patch that added bounds check for create lease context introduced a memory leak. When the bounds check fails, the function returns NULL without freeing the previously allocat...

DEBIAN-CVE-2025-37962

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix memory leak in parseleasestate The previous patch that added bounds check for create lease context introduced a memory leak. When the bounds check fails, the function returns NULL without freeing the previously allocat...

CVE-2025-37962

CVE-2025-37962 affects the Linux kernel’s ksmbd code path, specifically a memory leak in parse_lease_state. The root cause: when the created lease context bounds check fails, the function returns NULL without freeing the previously allocated lease_ctx_info, causing a memory leak. The patch fixes ...

CVE-2025-37962 ksmbd: fix memory leak in parse_lease_state()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix memory leak in parseleasestate The previous patch that added bounds check for create lease context introduced a memory leak. When the bounds check fails, the function returns NULL without freeing the previously allocat...

AZL-49421 CVE-2024-46742 affecting package kernel for versions less than 5.15.182.1-1

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix potential null-ptr-deref of leasectxinfo in smb2open null-ptr-deref will occur when reqoplevel == SMB2OPLOCKLEVELLEASE and parseleasestate return NULL. Fix this by check if 'leasectxinfo' is NULL. Additionally,...

Use-after-free in parse_lease_state()

...

CVE-2023-1194

An out-of-bounds OOB memory read flaw was found in parseleasestate in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of NameOffset in the parseleasestate...

DEBIAN-CVE-2023-1194

An out-of-bounds OOB memory read flaw was found in parseleasestate in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of NameOffset in the parseleasestate...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an out-of-bounds read vulnerability that stems from an out-of-bounds read problem in the parseleasestate method of the KSMBD implementation of the...

SUSE CVE-2023-1194

An out-of-bounds OOB memory read flaw was found in parseleasestate in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of NameOffset in the parseleasestate...