1784 matches found
CVE-2026-43378
In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2open The opinfo pointer obtained via rcudereferencefp-fopinfo is dereferenced after rcureadunlock, creating a use-after-free window...
CVE-2026-43362
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...
CVE-2026-43362
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...
CVE-2026-43350
In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...
CVE-2026-43350
In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...
CVE-2026-43350 smb: client: require a full NFS mode SID before reading mode bits
In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...
CVE-2026-43350
In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...
CVE-2024-27686
Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from ksmbd’s ability to record key bytes during SMB3 signature and encryption key generation, potentially...
CVE-2024-27686
CVE-2024-27686 affects MikroTik RouterOS on x86, with versions 6.40.5 through 6.49.10 vulnerable to remote denial of service via specially crafted SMB data on TCP port 445; 6.49.10 is among the tested ranges and the fix is in version 7. The root cause involves handling of SMB requests that can cr...
CVE-2024-27686
Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...
Mikrotik RouterOS 资源管理错误漏洞
Mikrotik RouterOS is an operating system for network devices developed by the Latvian company Mikrotik. There were resource management vulnerabilities in the Mikrotik RouterOS x86 version 6.40.5 to 6.49.10. These vulnerabilities stemmed from the SMB service’s handling of specially crafted packets...
PT-2026-39023
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.10 Description A flaw exists in the SMB client where the SMB2 write function places the write payload in iov1..n as part of rq iov. Because smb3 init transform rq pointer-shares rq iov, the crypt message functi...
CVE-2024-27686
Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...
PT-2026-39001
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the SMB client where the parse dacl function incorrectly handles Access Control Entry ACE SIDs. The function treats an ACE SID matching sid unix NFS mode as an NFS mode...
CVE-2026-43239
A flaw was found in the Linux kernel's Server Message Block SMB client. A race condition exists where multiple operations attempting to update network interfaces could execute simultaneously. This concurrency issue could lead to an inconsistent state within the SMB client, potentially causing...
EUVD-2026-27800
In the Linux kernel, the following vulnerability has been resolved: smb: client: prevent races in -queryinterfaces It was possible for two query interface works to be concurrently trying to update the interfaces. Prevent this by checking and updating ifacelastupdate under ifacelock...
CVE-2026-43239
In the Linux kernel, the following vulnerability has been resolved: smb: client: prevent races in -queryinterfaces It was possible for two query interface works to be concurrently trying to update the interfaces. Prevent this by checking and updating ifacelastupdate under ifacelock...
CVE-2026-43112
In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g., "/", the current logic attempts to check cursor2 - 1 before cursor2...
CVE-2026-43112
In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g., "/", the current logic attempts to check cursor2 - 1 before cursor2...