330 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lock range check in ksmbd when size equals isize could result in an integer underflow...
CVE-2023-54250
In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decodepreauthctxt Confirm that the accessed pnegctxt-HashAlgorithms address sits within the SMB request boundary; deassemblenegcontexts only checks that the eight byte smb2negcontext header +...
PT-2026-2518
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s ksmbd module where a size underflow can occur during a lock-range check when the size equals the current file size, including zero. This happens becau...
CVE-2025-40090
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix recursive locking in RPC handle list access Since commit 305853cce3794 "ksmbd: Fix race condition in RPC handle list access", ksmbdsessionrpcmethod attempts to lock sess-rpclock. This causes hung connections / tasks wh...
CVE-2025-40039
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix race condition in RPC handle list access The 'sess-rpchandlelist' XArray manages RPC handles within a ksmbd session. Access to this list is intended to be protected by 'sess-rpclock' an rwsemaphore. However, the lockin...
Command injection via WINS server hook script
Description If a Samba server has WINS support enabled it is off by default, and it has a 'wins hook' parameter specified, the program specified by that parameter will be run whenever a WINS name is changed. The WINS server used by the Samba Active Directory Domain Controller did not validate the...
Exploit for CVE-2025-38561
CVE-2025-38561 ksmbd: Preauh...
EUVD-2021-27219
Malware in sbrugna...
EUVD-2007-2402
Malware in sbrugna...
EUVD-2021-27225
Malware in sbrugna...
EUVD-2019-13447
Malware in sbrugna...
EUVD-2021-26963
Malware in sbrugna...
CVE-2025-38711
CVE-2025-38711 : Linux kernel vulnerability fixed in smb/server deadlock scenario when linking with ReplaceIfExists. If smb2_create_link() is called with ReplaceIfExists and the target name exists, ksmbd_vfs_kern_path_locked() locks the parent, then ksmbd_vfs_remove_file() deletes the file, and k...
DEBIAN-CVE-2025-38561
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix PreauhHashValue race condition If client send multiple session setup requests to ksmbd, PreauhHashValue race condition could happen. There is no need to free sess-PreauhHashValue at session setup phase. It can be freed...
Linux Distros Unpatched Vulnerability : CVE-2022-32746
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module,...
PT-2025-33600
Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The Linux kernel contains a flaw within the ksmbd component related to incorrect length validation of extended attribute ea buffers during SMB2 file operation handling. Specifically, the...
The vulnerability of the smb.conf configuration file (/etc-ro/smb.conf) of the Tenda AC18 router-based Samba server allows a hacker to bypass existing security restrictions and gain unauthorized access to protected information.
The vulnerability of the smb.conf configuration file /etc-ro/smb.conf of the Tenda AC18 router-based Samba server is related to weak password requirements. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and gain unauthorized access to protected...
ALPINE-CVE-2025-0620
A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again...
CVE-2021-40035
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability...
DEBIAN-CVE-2025-37962
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix memory leak in parseleasestate The previous patch that added bounds check for create lease context introduced a memory leak. When the bounds check fails, the function returns NULL without freeing the previously allocat...