Lucene search
K

1784 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: fixed a UAF in smb20oplockbreakack. removed references after using opinfo...

7.1CVSS5.9AI score0.00233EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.15

A use-after-free flaw was discovered in the smb2isstatusiotimeout function in CIFS within the Linux kernel. After CIFS transfers response data via a system call, there are still local variables pointing to the memory region. If the system call frees those pointers faster than CIFS uses them, CIFS...

6.5CVSS6.7AI score0.01094EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: smb: Client: Fixed a potential Use-after-Free UAF in smb2isvalidoplockbreak. Skipped sessions that are being torn down status == SESEXITING to avoid UAF...

5.5CVSS5.7AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: cifs: Fixed a buffer overflow issue when parsing NFS reparse points. ReparseDataLength is the sum of the InodeType size and the DataBuffer size. To obtain the DataBuffer size, it is necessary to subtract the InodeType size fro...

7.8CVSS6.8AI score0.00333EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Do not log keys during SMB3 signing and encryption key generation. When the KSMBDDEBUGAUTH logging option is enabled, the functions generatesmb3signingkey and generatesmb3encryptionkey log the bytes of the session, signing...

8.1CVSS5.7AI score0.00248EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw occurs during the handling of the SMB2TREECONNECT and SMB2QUERYINFO commands. The issue arises from the lack of proper validation of a pointer before accessing it. An...

7.5CVSS6.4AI score0.0406EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Linux 6.1

A out-of-bounds read vulnerability was discovered in smb2dumpdetail in the fs/smb/client/smb2ops.c file within the Linux kernel. This issue could allow a local attacker to crash the system or leak internal kernel information...

7.1CVSS6.6AI score0.00427EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an oops due to uninitialized server-smbdconn during reconnection. In smbddestroy, the pointer to server-smbdconn is cleared after freeing the smbdconnection struct it points to, so that reconnection won’t be confused...

5.5CVSS6.1AI score0.00189EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: smb: Client: Avoid double-free operations in smbdfreesendio after smbdsendbatchflush. smbdsendbatchFlush already calls smbdfreesendio; therefore, we should not call it again after smbdpostsend. It has been moved to the batch...

9.8CVSS5.8AI score0.00457EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: The system now validates the entire DACL before rewriting it using cifsacl. The functions buildsecdesc and idmodetocifsacl derive a pointer to the DACL from a dacloffset provided by the server. They then use the...

8.8CVSS5.8AI score0.00308EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed a double-free race that occurs when the mount operation fails in cifsgetroot When cifsgetroot fails during cifssmb3domount, we call deactivatelockedsuper, which will eventually call delayedfree, which frees the...

7.8CVSS6AI score0.00224EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: smb: Client: Fixed issue where reference counting of @ses was missed. Use the new cifssmbsesincrefcount helper function to obtain an active reference to @ses and @ses-dfsrootses if set. This will prevent @ses-dfsrootses from...

5.3AI score0.00155EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: smb/client: Avoid referencing rdata=NULL in smb2newreadreq. This occurs when calling from SMB2read while using rdma, and when reaching the rdmareadwritethreshold...

5.5CVSS5.9AI score0.00231EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: smb: Client: Fix deadlock in smb2findsmbtcon Unlock cifstcpseslock before calling cifsputsmbses to avoid such deadlocks...

5.5CVSS6AI score0.00182EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fixed the issue where a memory leak occurred after the session was logged off. There is an issue between the SMB2 session logging-off process and the SMB2 session setup process. This issue causes a memory leak after the...

7.8CVSS6.4AI score0.00209EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The issue of a null pointer dereference error in generateencryptionkey has been fixed. If a client sends two session setups with KRB5 authentication to ksmbd, a null pointer dereference error in generateencryptionkey can...

5.5CVSS5.8AI score0.07142EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate command request size In commit 2b9b8f3b68ed “ksmbd: validate command payload size”, except for the SMB2OPLOCKBREAKHE command, the request size of other commands is not checked—this is not expected. This issue was...

5.5CVSS5.7AI score0.00135EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Check outstanding simultaneous SMB operations If a client sends multiple SMB requests to ksmbd, it may exhaust too much memory through the “ksmbdworkcache”. This can lead to an Out-of-Memory error OOM. ksmbd has a credit...

5.5CVSS6.2AI score0.0026EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: When a multichannel SMB2SESSIONSETUP request with SMB2SESSIONREQFLAGBINDING fails, ksmbd sets conn-binding = true, but never clears this value during the error path. As a result, the connection remains in a binding state,...

8.8CVSS5.2AI score0.00454EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an oops due to uninitialized variables. Fixed the smb3inittransformrq function by initializing the buffer to NULL before calling netfsallocfolioqbuffer. This is because netfs assumes that it can append to the buffer i...

5.5CVSS5.8AI score0.00143EPSS
Exploits0References2
Rows per page
Query Builder