Lucene search
K

1786 matches found

AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: cifs: Fixed an oops due to uninitialized variables. Fixed smb3inittransformrq, by initializing the buffer to NULL before calling netfsallocfolioqbuffer. This is because netfs assumes that it can append to the buffer it is give...

5.5CVSS6.7AI score0.00143EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The issue of a null pointer dereference error in generateencryptionkey has been fixed. If a client sends two session setups with KRB5 authentication to ksmbd, a null pointer dereference error in generateencryptionkey can...

5.5CVSS5.8AI score0.07142EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: Fixed a warning when reconnecting a channel. When reconnecting a channel in smb2reconnectserver, a dummy tcon is passed to smb2reconnect using -queryinterface. This operation is uninitialized, so we cannot call...

5.5CVSS6.2AI score0.00148EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/10/31 8:9 a.m.4 views

smb: client: Fix refcount leak for cifs_sb_tlink

...

7.1CVSS7AI score0.00188EPSS
Exploits0
EUVD
EUVD
added 2025/10/30 12:31 p.m.4 views

EUVD-2025-36975

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix refcount leak for cifssbtlink Fix three refcount inconsistency issues related to cifssbtlink. Comments for cifssbtlink state that cifsputtlink needs to be called after successful calls to cifssbtlink. Three calls...

6AI score0.00188EPSS
Exploits0References6
CVE
CVE
added 2025/10/30 9:48 a.m.22 views

CVE-2025-40103

Summary: CVE-2025-40103 affects the Linux kernel CIFS client, where the refcount for cifs_sb_tlink can leak due to three missing refcount updates when calling cifs_sb_tlink()/cifs_put_tlink(). This can cause resource leaks. Root cause: refcount inconsistency in cifs_sb_tlink related paths. Impact...

6.2AI score0.00188EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/10/30 9:48 a.m.2 views

CVE-2025-40103

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix refcount leak for cifssbtlink Fix three refcount inconsistency issues related to cifssbtlink. Comments for cifssbtlink state that cifsputtlink needs to be called after successful calls to cifssbtlink. Three calls...

5.1AI score0.00188EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/30 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-40103

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: Fix refcount leak for cifssbtlink Fix three refcount inconsistency issues related to cifssbtlink. Comments for cifssbtlink state that cifsputtlink...

5.8AI score0.00188EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2025/10/29 8:2 a.m.1 views

smb: client: fix crypto buffers in non-linear memory

...

7.1CVSS7AI score0.00197EPSS
Exploits0
CVE
CVE
added 2025/10/28 11:48 a.m.26 views

CVE-2025-40052

CVE-2025-40052 (Linux kernel, SMB/CIFS crypto path) fixes a bug where aead_request context could end up in vmalloc memory, causing sg_set_buf() to crash when virt_addr_valid(buf) fails under heavy parallel I/O. Root cause: creq allocation used kvzalloc(), potentially placing __ctx in vmalloc area...

6.2AI score0.00197EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/10/28 11:48 a.m.2 views

CVE-2025-40052

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifssgsetbuf helper that converts vmalloc'd memory to their...

5.4AI score0.00197EPSS
Exploits0
Oracle linux
Oracle linux
added 2025/10/28 12:0 a.m.10 views

kernel security update

5.14.0-570.58.1.0.1 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

7.3AI score0.00181EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.3 views

PT-2025-49449

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the Server Message Block SMB client implementation, specifically in the smb2 query info compound function. A use-after-free condition can occur wh...

5.7CVSS5.3AI score0.00156EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/23 12:0 a.m.4 views

Impacket 0.13.0

Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and, for some protocols e.g. SMB1-3 and MSRPC, the protocol implementation itself. Packets can be constructed from scratch, as well as parse...

6.8AI score
Exploits0
Ubuntu
Ubuntu
added 2025/10/22 6:4 p.m.10 views

USN-7835-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

8.8CVSS7AI score0.00571EPSS
Exploits1
CNVD
CNVD
added 2025/10/21 12:0 a.m.4 views

DELL PowerScale OneFS License Bypass Vulnerability

DELL PowerScale OneFS is Dell's horizontally scalable clustered file system designed to manage unstructured data and support enterprise-class storage capabilities. An authorization bypass vulnerability exists in DELL PowerScale OneFS that originates from a user control key leading to authorizatio...

4.4CVSS6.8AI score0.00116EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/10/21 12:0 a.m.14 views

SUSE SLES15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2025:03615-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03615-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: ...

8CVSS6.9AI score0.21314EPSS
Exploits4References1183
Redos
Redos
added 2025/10/20 12:0 a.m.4 views

ROS-20251020-10

A vulnerability in the ksmbd component of the Linux operating system kernel is related to reading outside the allowed boundaries of the of the data buffer. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of smb2getdataarealen function in module...

8.1CVSS6.5AI score0.00814EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
added 2025/10/20 12:0 a.m.12 views

Microsoft Windows SMB Client Improper Access Control Vulnerability

Microsoft Windows SMB Client contains an improper access control vulnerability that could allow for privilege escalation. An attacker could execute a specially crafted malicious script to coerce the victim machine to connect back to the attack system using SMB and authenticate...

8.8CVSS9AI score0.64987EPSS
In wildExploits6
CNVD
CNVD
added 2025/10/17 12:0 a.m.3 views

Microsoft Windows SMB Server Access Control Error Vulnerability

Microsoft Windows SMB Server is a network file-sharing protocol from Microsoft. It allows applications on a computer to read and write files and request services from server programs on a computer network. A security vulnerability exists in Microsoft Windows SMB Server that can be exploited by an...

7.5CVSS9AI score0.00992EPSS
Exploits0References1
Rows per page
Query Builder