Lucene search
K

47 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a reference count leak when an invalid session is found during session lookup. When a session is found, but its state is not SMB2SESSIONVALID, it indicates that no valid session was found. However, the reference coun...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/23 2:20 a.m.8 views

SUSE CVE-2026-52911

In the Linux kernel, the following vulnerability has been resolved: ksmbd: scope conn-binding slowpath to bound sessions only When the binding SESSIONSETUP sets conn-binding = true, the flag stays set after the call so that the global session lookup in ksmbdsessionlookupall can find the session,...

5.8AI score0.00362EPSS
Exploits0References3
NVD
NVD
added 2026/06/21 8:16 a.m.17 views

CVE-2026-52911

In the Linux kernel, the following vulnerability has been resolved: ksmbd: scope conn-binding slowpath to bound sessions only When the binding SESSIONSETUP sets conn-binding = true, the flag stays set after the call so that the global session lookup in ksmbdsessionlookupall can find the session,...

8.8CVSS0.00362EPSS
Exploits0References7
CVE
CVE
added 2026/06/21 6:18 a.m.44 views

CVE-2026-52911

The CVE-2026-52911 vulnerability affects the Linux kernel ksmbd code path. When a SESSION_SETUP binds a connection (conn->binding = true), a global session lookup could incorrectly resolve sessions not actually added to the connection’s session list. The fix tightens the global lookup so that ...

8.8CVSS5.8AI score0.00362EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/21 6:18 a.m.8 views

CVE-2026-52911

In the Linux kernel, the following vulnerability has been resolved: ksmbd: scope conn-binding slowpath to bound sessions only When the binding SESSIONSETUP sets conn-binding = true, the flag stays set after the call so that the global session lookup in ksmbdsessionlookupall can find the session,...

5.7AI score0.00362EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/21 12:0 a.m.10 views

PT-2026-51201

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the ksmbd module, a flaw exists where the conn-binding flag remains set after a SESSION SETUP call. Because this flag is connection-wide, the global session lookup function ksmbd...

8.8CVSS5.8AI score0.00362EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-52911

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: scope conn-binding slowpath to bound sessions only When the binding SESSIONSETUP sets conn-binding = true, the flag stays set after the call so that the...

8.8CVSS6AI score0.00362EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fixed a race condition between session lookup and expire operations. Thread A + Thread B ksmbdsessionlookup | smb2sesssetup sess = xaload | | | xaerase&conn-sessions, sess-id; | | ksmbdsessiondestroysess -- kfreesess | //...

7CVSS6.4AI score0.0018EPSS
Exploits0References2
NVD
NVD
added 2026/04/22 2:16 p.m.6 views

CVE-2026-31476

In the Linux kernel, the following vulnerability has been resolved: ksmbd: do not expire session on binding failure When a multichannel session binding request fails e.g. wrong password, the error path unconditionally sets sess-state = SMB2SESSIONEXPIRED. However, during binding, sess points to t...

8.2CVSS0.00499EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/04/06 7:38 a.m.2 views

CVE-2026-31409

In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset conn-binding on failed binding request When a multichannel SMB2SESSIONSETUP request with SMB2SESSIONREQFLAGBINDING fails ksmbd sets conn-binding = true but never clears it on the error path. This leaves the connectio...

5.7AI score0.00454EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.6 views

PT-2026-30577

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the ksmbd module. Specifically, when a multichannel SMB2 SESSION SETUP request with SMB2 SESSION REQ FLAG BINDING fails, the conn-binding flag is...

8.8CVSS5.8AI score0.00454EPSS
Exploits0References24
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.6 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to clear the binding state after a binding request fails, potentially leading to session...

8.8CVSS5.8AI score0.00454EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/01/24 12:25 a.m.4 views

SUSE CVE-2025-71150

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup When a session is found but its state is not SMB2SESSIONVALID, It indicates that no valid session was found, but it is missing to decrement the reference...

5.5CVSS5.3AI score0.00118EPSS
Exploits0References3
OSV
OSV
added 2026/01/23 3:16 p.m.8 views

AZL-78425 CVE-2025-71150 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup When a session is found but its state is not SMB2SESSIONVALID, It indicates that no valid session was found, but it is missing to decrement the reference...

5.5CVSS5.6AI score0.00118EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 3:16 p.m.6 views

CVE-2025-71150

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup When a session is found but its state is not SMB2SESSIONVALID, It indicates that no valid session was found, but it is missing to decrement the reference...

5.5CVSS0.00118EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/01/23 3:16 p.m.3 views

CVE-2025-71150

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup When a session is found but its state is not SMB2SESSIONVALID, It indicates that no valid session was found, but it is missing to decrement the reference...

5.5CVSS5.9AI score0.00118EPSS
Exploits0References26
OSV
OSV
added 2026/01/23 3:16 p.m.3 views

UBUNTU-CVE-2025-71150

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup When a session is found but its state is not SMB2SESSIONVALID, It indicates that no valid session was found, but it is missing to decrement the reference...

5.5CVSS5.7AI score0.00118EPSS
Exploits0References28
ATTACKERKB
ATTACKERKB
added 2026/01/23 2:15 p.m.3 views

CVE-2025-71150

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup When a session is found but its state is not SMB2SESSIONVALID, It indicates that no valid session was found, but it is missing to decrement the reference...

5.5CVSS5.7AI score0.00118EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/01/23 2:15 p.m.24 views

CVE-2025-71150

CVE-2025-71150 relates to a Linux kernel KSMD (ksmbd) refcount leak: when a session is found during session lookup but SMB2_SESSION_VALID is not set, the reference count for that session is not decremented. The patch fixes this by explicitly calling ksmbd_user_session_put to release the reference...

5.5CVSS5.2AI score0.00118EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2026/01/23 2:15 p.m.4 views

CVE-2025-71150

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup When a session is found but its state is not SMB2SESSIONVALID, It indicates that no valid session was found, but it is missing to decrement the reference...

5.5CVSS5.3AI score0.00118EPSS
Exploits0
Rows per page
Query Builder