Lucene search
K

585 matches found

SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.6 views

SUSE CVE-2026-53198

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on conn-asyncrequests via setupasyncwork, with cancelfn = smb2removeblockedlock and...

8.8CVSS5.6AI score0.00466EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/26 2:7 a.m.6 views

SUSE CVE-2026-53271

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither READONCE nor a NULL check. Both run from oplockbreak after opinfogetlist h...

5.8AI score0.00119EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Validates the owner of the durable handle upon reconnection. Currently, ksmbd does not verify whether the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any...

8.8CVSS5.8AI score0.00437EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.16 views

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-2336)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : iommu/sva: invalidate stale IOTLB entries for kernel address spaceCVE-2025-71202 iommu: disable SVA when CONFIGX86 is setCVE-2025-71089 tls: Fix...

9.8CVSS6.7AI score0.96267EPSS
Exploits232References84
SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.13 views

SUSE CVE-2026-46185

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in symlinkdata Since smb2checkmessage returns success without length validation for the symlink error response, in symlinkdata it is possible for iov-iovlen to be smaller than sizeofstruct...

5.5CVSS5.7AI score0.00513EPSS
Exploits0References9
EUVD
EUVD
added 2026/05/28 9:36 a.m.14 views

EUVD-2026-32812

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in symlinkdata Since smb2checkmessage returns success without length validation for the symlink error response, in symlinkdata it is possible for iov-iovlen to be smaller than sizeofstruct...

5.7AI score0.00513EPSS
Exploits0References5
CVE
CVE
added 2026/05/27 12:18 p.m.51 views

CVE-2026-45972

The CVE-2026-45972 issue affects the Linux kernel SMB client, specifically smb2_open_file(), where improper handling could lead to memory corruption (UAF) or a double free during SMB2_open() retries. The fixed description states that zeroing err_iov and err_buftype before retrying SMB2_open() pre...

9.8CVSS5.8AI score0.00333EPSS
Exploits0References9Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in durable v2 replay of active file handles parsedurablehandlecontext unconditionally assigns dhinfo-fp-conn to the current connection when handling a DURABLEREQV2 context with SMB2FLAGSREPLAYOPERATION...

9.8CVSS5.8AI score0.0029EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw occurs during the processing of SMB2SESSIONSETUP and SMB2LOGOFF commands. The issue arises due to the lack of proper locking when performing operations on an object. An...

8.1CVSS6.7AI score0.02393EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

A issue was discovered in the Linux kernel before version 6.3.9. ksmbd does not validate the SMB request protocol ID, resulting in an out-of-bounds read...

9.1CVSS6.7AI score0.01059EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw resides in the handling of SMB2SESSIONSETUP commands. The problem arises due to a lack of control over resource consumption. An attacker can exploit this vulnerability to...

7.5CVSS6.7AI score0.03872EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

A issue was discovered in the Linux kernel before version 6.3.10. The file fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, resulting in a out-of-bounds read...

9.1CVSS6.6AI score0.02378EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed an issue where shareconf was freed after use, in compound requests. smb2getksmbdtcon reuses work-tcon in compound requests without validating tcon-tstate. ksmbdtreeconnlookup checks that tstate is equal to...

9.8CVSS5.5AI score0.00331EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/17 4:33 a.m.280 views

Eternalblue-ms17-010-lab

01-EternalBlue-MS17-010-README.mdhttps://github.com/user-atta...

9.3CVSS7.5AI score0.93307EPSS
Exploits47
EUVD
EUVD
added 2026/05/08 3:31 p.m.10 views

EUVD-2026-28668

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...

5.8AI score0.00217EPSS
Exploits0References6
OSV
OSV
added 2026/05/08 3:16 p.m.23 views

UBUNTU-CVE-2026-43362

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...

8.1CVSS5.7AI score0.00217EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2026/05/08 2:21 p.m.8 views

CVE-2026-43378

In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2open The opinfo pointer obtained via rcudereferencefp-fopinfo is dereferenced after rcureadunlock, creating a use-after-free window...

9.8CVSS5.7AI score0.00308EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/08 2:21 p.m.34 views

CVE-2026-43362 smb: client: fix in-place encryption corruption in SMB2_write()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...

8.1CVSS0.00217EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.8 views

PT-2026-39040

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the smb lazy parent lease break close function. The opinfo pointer, obtained via rcu dereferencefp-f opinfo, is accessed after rcu read unlock is called...

9.8CVSS5.8AI score0.00444EPSS
Exploits0References8
Ubuntu
Ubuntu
added 2026/05/04 11:40 a.m.10 views

USN-8227-1: curl vulnerabilities

It was discovered that curl incorrectly reused non-TLS connections when TLS was required in some STARTTLS configurations. A remote attacker could possibly use this issue to obtain sensitive information. CVE-2026-4873 It was discovered that curl incorrectly reused certain HTTP Negotiate connection...

7.5CVSS5.8AI score0.00639EPSS
Exploits7
Rows per page
Query Builder