CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The “binding mark” of a reused connection was unset. Steve French reported a null pointer dereference error from the sha256 lib.cifs.ko library. The cifs.ko library can send session setup requests on reused connections. If...

5.5CVSS6.2AI score0.00024EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: The issue related to “slab-use-after-free” in smb3preauthhashrsp has been fixed. The function ksmbdusersessionput should be called within smb3preauthhashrsp. This will prevent the session from being freed before calling...

7.8CVSS6.5AI score0.0002EPSS

Exploits0References2

Zero Day Initiative•added 2025/09/24 12:0 a.m.•4 views

Linux Kernel ksmbd smb2_sess_setup Preauth_HashValue Race Condition Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the PreauthHashValue field. The issue results from the lack of proper locking...

8.5CVSS7.6AI score0.00073EPSS

Exploits1References1

AstraLinux•added 2025/06/16 11:28 a.m.•4 views

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...

5.5CVSS6.2AI score0.00109EPSS

Exploits0References3

SUSE CVE•added 2025/04/18 11:20 p.m.•2 views

SUSE CVE-2025-22037

5.5CVSS7.7AI score0.00109EPSS

Exploits0References3

OSV•added 2025/04/16 3:15 p.m.•2 views

DEBIAN-CVE-2025-22037

5.5CVSS5.5AI score0.00109EPSS

Exploits0References1

OSV•added 2025/04/16 3:15 p.m.•0 views

UBUNTU-CVE-2025-22037

5.5CVSS6.2AI score0.00109EPSS

Exploits0References25

Debian CVE•added 2025/04/16 2:11 p.m.•6 views

CVE-2025-22037

5.5CVSS5.5AI score0.00109EPSS

Exploits0

Microsoft CVE•added 2025/01/29 8:0 a.m.•2 views

ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp

...

7.8CVSS7.7AI score0.0002EPSS

Exploits0

SUSE CVE•added 2024/11/19 3:49 a.m.•1 views

SUSE CVE-2024-50283

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in smb3preauthhashrsp ksmbdusersessionput should be called under smb3preauthhashrsp. It will avoid freeing session before calling smb3preauthhashrsp...

7.8CVSS7.4AI score0.0002EPSS

Exploits0References3

OSV•added 2024/11/19 2:16 a.m.•0 views

UBUNTU-CVE-2024-50283

7.8CVSS6.5AI score0.0002EPSS

Exploits0References30

Vulnrichment•added 2024/11/19 1:30 a.m.•5 views

CVE-2024-50283 ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp

7.2AI score0.0002EPSS

Exploits0References5

OSV•added 2024/09/18 8:15 a.m.•3 views

AZL-49383 CVE-2024-46795 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. If reused connection is used for binding...

5.5CVSS6.3AI score0.00024EPSS

Exploits0References1

OSV•added 2024/09/18 8:15 a.m.•1 views

DEBIAN-CVE-2024-46795

5.5CVSS5.6AI score0.00024EPSS

Exploits0References1

OSV•added 2024/09/18 8:15 a.m.•0 views

UBUNTU-CVE-2024-46795

5.5CVSS6.5AI score0.00024EPSS

Exploits0References18

Rows per page