Lucene search
+L

330 matches found

cnnvd
cnnvd
added 2026/01/13 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lock range check in ksmbd when size equals isize could result in an integer underflow...

5.8AI score0.00168EPSS
Exploits0References5
ubuntucve
ubuntucve
added 2025/12/30 1:16 p.m.7 views

CVE-2023-54250

In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decodepreauthctxt Confirm that the accessed pnegctxt-HashAlgorithms address sits within the SMB request boundary; deassemblenegcontexts only checks that the eight byte smb2negcontext header +...

5.7AI score0.00168EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2025/11/09 12:0 a.m.4 views

PT-2026-2518

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s ksmbd module where a size underflow can occur during a lock-range check when the size equals the current file size, including zero. This happens becau...

4.6CVSS5.4AI score0.00168EPSS
Exploits0
nvd
nvd
added 2025/10/30 10:15 a.m.8 views

CVE-2025-40090

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix recursive locking in RPC handle list access Since commit 305853cce3794 "ksmbd: Fix race condition in RPC handle list access", ksmbdsessionrpcmethod attempts to lock sess-rpclock. This causes hung connections / tasks wh...

5.5CVSS0.00138EPSS
Exploits0References5
attackerkb
attackerkb
added 2025/10/28 11:48 a.m.5 views

CVE-2025-40039

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix race condition in RPC handle list access The 'sess-rpchandlelist' XArray manages RPC handles within a ksmbd session. Access to this list is intended to be protected by 'sess-rpclock' an rwsemaphore. However, the lockin...

5.3AI score0.00124EPSS
Exploits0References6Affected Software1
samba
samba
added 2025/10/15 12:0 a.m.9 views

Command injection via WINS server hook script

Description If a Samba server has WINS support enabled it is off by default, and it has a 'wins hook' parameter specified, the program specified by that parameter will be run whenever a WINS name is changed. The WINS server used by the Samba Active Directory Domain Controller did not validate the...

10CVSS7AI score0.40121EPSS
Exploits2
githubexploit
githubexploit
added 2025/10/08 6:20 p.m.311 views

Exploit for CVE-2025-38561

CVE-2025-38561 ksmbd: Preauh...

7AI score0.00391EPSS
Exploits1
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-27219

Malware in sbrugna...

7.5CVSS7.6AI score0.00791EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-2402

Malware in sbrugna...

4CVSS6.1AI score0.03422EPSS
Exploits1References7
euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-27225

Malware in sbrugna...

7.5CVSS7.6AI score0.00791EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-13447

Malware in sbrugna...

6.5CVSS6.7AI score0.02821EPSS
Exploits0References12
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-26963

Malware in sbrugna...

6.5CVSS6.3AI score0.02025EPSS
Exploits0References12
cve
cve
added 2025/09/04 3:33 p.m.34 views

CVE-2025-38711

CVE-2025-38711 : Linux kernel vulnerability fixed in smb/server deadlock scenario when linking with ReplaceIfExists. If smb2_create_link() is called with ReplaceIfExists and the target name exists, ksmbd_vfs_kern_path_locked() locks the parent, then ksmbd_vfs_remove_file() deletes the file, and k...

5.5CVSS5.8AI score0.00111EPSS
Exploits0References9Affected Software1
osv
osv
added 2025/08/19 5:15 p.m.3 views

DEBIAN-CVE-2025-38561

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix PreauhHashValue race condition If client send multiple session setup requests to ksmbd, PreauhHashValue race condition could happen. There is no need to free sess-PreauhHashValue at session setup phase. It can be freed...

4.7CVSS5.4AI score0.00391EPSS
Exploits1References1
nessus
nessus
added 2025/08/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-32746

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module,...

5.4CVSS6.8AI score0.01064EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/08/16 12:0 a.m.6 views

PT-2025-33600

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The Linux kernel contains a flaw within the ksmbd component related to incorrect length validation of extended attribute ea buffers during SMB2 file operation handling. Specifically, the...

7.8CVSS7.8AI score0.02838EPSS
Exploits3References251
bdu_fstec
bdu_fstec
added 2025/07/28 12:0 a.m.9 views

The vulnerability of the smb.conf configuration file (/etc-ro/smb.conf) of the Tenda AC18 router-based Samba server allows a hacker to bypass existing security restrictions and gain unauthorized access to protected information.

The vulnerability of the smb.conf configuration file /etc-ro/smb.conf of the Tenda AC18 router-based Samba server is related to weak password requirements. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and gain unauthorized access to protected...

5.6CVSS6.1AI score0.00427EPSS
Exploits0References4Affected Software1
osv
osv
added 2025/06/06 2:15 p.m.5 views

ALPINE-CVE-2025-0620

A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again...

4.9CVSS6.5AI score0.00616EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 6:47 p.m.9 views

CVE-2021-40035

There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability...

7.5CVSS7.1AI score0.00791EPSS
Exploits0
osv
osv
added 2025/05/20 4:15 p.m.2 views

DEBIAN-CVE-2025-37962

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix memory leak in parseleasestate The previous patch that added bounds check for create lease context introduced a memory leak. When the bounds check fails, the function returns NULL without freeing the previously allocat...

5.5CVSS5.6AI score0.00149EPSS
Exploits0References1
Rows per page
Query Builder