20 matches found

OSV
added 2026/01/23 3:16 p.m. | 2 views

AZL-78425 CVE-2025-71150 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup. When a session is found but its state is not SMB2_SESSION_VALID, it indicates that no valid session was found, but it is missing to decrement the reference...

5.5 CVSS | 5.6 AI score | 0.00023 EPSS
Exploits: 0 | References: 1

UbuntuCve
added 2025/12/06 10:15 p.m. | 1 view

CVE-2025-40285

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix possible refcount leak in smb2_sess_setup(). Reference count of ksmbd_session will leak when session need reconnect. Fix this by adding the missing ksmbd_user_session_put...

5.7 AI score | 0.00056 EPSS
Exploits: 0 | References: 22

Debian CVE
added 2025/12/06 9:51 p.m. | 4 views

CVE-2025-40285

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix possible refcount leak in smb2_sess_setup(). Reference count of ksmbd_session will leak when session need reconnect. Fix this by adding the missing ksmbd_user_session_put...

5.1 AI score | 0.00056 EPSS
Exploits: 0

OSV
added 2025/12/06 9:51 p.m. | 1 view

CVE-2025-40285 smb/server: fix possible refcount leak in smb2_sess_setup()

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix possible refcount leak in smb2_sess_setup(). Reference count of ksmbd_session will leak when session need reconnect. Fix this by adding the missing ksmbd_user_session_put...

6.3 AI score | 0.00056 EPSS
Exploits: 0 | References: 8

NVD
added 2025/06/06 2:15 p.m. | 10 views

CVE-2025-0620

A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again...

4.9 CVSS | 0.0025 EPSS
Exploits: 0 | References: 4

AlpineLinux
added 2025/06/06 1:10 p.m. | 7 views

CVE-2025-0620

A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again...

4.9 CVSS | 6.4 AI score | 0.0025 EPSS
Exploits: 0

Vulnrichment
added 2025/06/06 1:10 p.m. | 10 views

CVE-2025-0620 Samba: smbd doesn't pick up group membership changes when re-authenticating an expired smb session

A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again...

4.9 CVSS | 6.7 AI score | 0.0025 EPSS
Exploits: 0 | References: 3

CVE
added 2025/06/06 1:10 p.m. | 140 views

CVE-2025-0620

CVE-2025-0620 affects Samba (smbd) where group membership changes are not picked up during re-authentication of an expired SMB session, potentially exposing file shares until clients disconnect and reconnect. The issue is documented across multiple distributions; a practical remediation is upgrad...

4.9 CVSS | 6.5 AI score | 0.0025 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2025/05/20 4:15 p.m. | 0 views

UBUNTU-CVE-2025-37899

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff. The sess->user object can currently be in use by another thread, for example if another connection has sent a session setup request to bind to the session being free'd. The handler for...

7.8 CVSS | 6.4 AI score | 0.00058 EPSS
Exploits: 2 | References: 23

OSV
added 2025/05/01 2:15 p.m. | 0 views

UBUNTU-CVE-2025-37778

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix dangling pointer in krb_authenticate. krb_authenticate frees sess->user and does not set the pointer to NULL. It calls ksmbd_krb5_authenticate to reinitialise sess->user but that function may return without doing so. If that...

7.8 CVSS | 6.2 AI score | 0.00077 EPSS
Exploits: 0 | References: 27

Debian CVE
added 2024/05/21 3:30 p.m. | 18 views

CVE-2023-52752

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show. Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show to avoid use-after-free in @ses. This fixes the following GPF wh...

7.8 CVSS | 7.7 AI score | 0.00016 EPSS
Exploits: 0

Rapid7 Blog
added 2023/12/15 9:4 p.m. | 33 views

Metasploit Weekly Wrap-Up: Dec. 15, 2023

Continuing the 12th Labor of Metasploit: Metasploit continues its Herculean task of increasing our toolset to tame Kerberos by adding support for ASREP Roasting, which allows retrieving the password hashes of users who have "Do not require Kerberos preauthentication" set on the domain controller. Th...

6.8 CVSS | 9.3 AI score | 0.87861 EPSS
Exploits: 4

OSV
added 2023/09/05 9:49 p.m. | 1 view

USN-6338-1 linux, linux-aws, linux-aws-6.2, linux-hwe-6.2, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-6.2, linux-raspi vulnerabilities

Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255) It was discovered that a race condition existed in th...

9.8 CVSS | 7 AI score | 0.00142 EPSS
Exploits: 0 | References: 12

NVD
added 2022/06/14 10:15 p.m. | 21 views

CVE-2022-32230

Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most...

7.8 CVSS | 0.31158 EPSS
Exploits: 1 | References: 4

Prion
added 2022/06/14 10:15 p.m. | 31 views

Null pointer dereference

Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most...

7.8 CVSS | 7.3 AI score | 0.31158 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

Cvelist
added 2022/06/14 9:40 p.m. | 27 views

CVE-2022-32230 SMBv3 FileNormalizedNameInformation NULL Pointer Dereference

Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most...

7.5 CVSS | 7.8 AI score | 0.31158 EPSS
Exploits: 1 | References: 4

Kitploit
added 2022/06/03 9:30 p.m. | 50 views

SMB-Session-Spoofing - Tool To Create A Fake SMB Session

Welcome! This is a utility that can be compiled with Visual Studio 2019 or newer. The goal of this program is to create a fake SMB Session. The primary purpose of this is to serve as a method to lure attackers into accessing a honey-device. This program comes with no warranty or guarantees. Progr...

7.3 AI score
Exploits: 0 | References: 2

OpenVAS
added 2018/06/08 12:0 a.m. | 81 views

Microsoft Windows: Microsoft network server: Amount of idle time required before suspending session

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winnsidletimesuspending.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Microsoft network server: Amount of idle time required before suspending session Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone...

7.3 AI score
Exploits: 0

OpenVAS
added 2018/04/11 12:0 a.m. | 41 views

Microsoft Word 2010 Service Pack 2 Information Disclosure Vulnerability (KB4018359)

This host is missing an important security update according to Microsoft KB4018359 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

6.5 CVSS | 6.1 AI score | 0.10722 EPSS
Exploits: 0 | References: 1

NVD
added 2000/12/19 5:0 a.m. | 15 views

CVE-2000-0885

Buffer overflows in Microsoft Network Monitor (Netmon) allow remote attackers to execute arbitrary commands via a long Browser Name in a CIFS Browse Frame, a long SNMP community name, or a long username or filename in an SMB session, aka the "Netmon Protocol Parsing" vulnerability. NOTE: It is high...

7.5 CVSS | 7.5 AI score | 0.24682 EPSS
Exploits: 0 | References: 2