CVE-2023-53358

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue under cocurrent smb2 tree disconnect There is UAF issue under cocurrent smb2 tree disconnect. This patch introduce TREECONNEXPIRE flags for tcon to avoid cocurrent access...

CVE-2023-32258

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2LOGOFF and SMB2CLOSE commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this...

SUSE CVE-2023-3347

A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domain Controllers where SMB2 packet signing is mandatory. This flaw allows an attacker to perform attacks, suc...

CVE-2018-8444

An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 2.0 SMBv2 server handles certain requests, aka "Windows SMB Information Disclosure Vulnerability." This affects Windows Server 2012, Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012 R2...

VulnCheck KEV: CVE-2009-3103

Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service system crash via an & ampersand character in a...

VulnCheck KEV: CVE-2009-2526

Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 do not properly validate fields in SMBv2 packets, which allows remote attackers to cause a denial of service infinite loop and system hang via a crafted packet to the Server service, aka "SMBv2 Infinite Loop Vulnerability."...