UBUNTU-CVE-2026-46155

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in smb2compoundop If a server sends a truncated response but a large OutputBufferLength, and terminates the EA list early, checkwsleas returns success without validating that the entire...

EUVD-2026-32782

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in smb2compoundop If a server sends a truncated response but a large OutputBufferLength, and terminates the EA list early, checkwsleas returns success without validating that the entire...

CVE-2026-46155 smb/client: fix out-of-bounds read in smb2_compound_op()

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in smb2compoundop If a server sends a truncated response but a large OutputBufferLength, and terminates the EA list early, checkwsleas returns success without validating that the entire...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cifs: preventing use-after-free by freeing the cfile later. In smb2compoundop, there is a potential use-after-free issue that may lead to difficult debugging problems in the future. This issue was identified during stress testing...

kernel: Linux kernel: Denial of Service via resource leak in SMB2 compound operations

A flaw was found in the Linux kernel. An inconsistent update of the reference count in the smb2compoundop function, particularly during memory allocation failures, could lead to resource leaks. A local attacker could exploit this to cause a Denial of Service DoS by exhausting system resources...

CVE-2025-39975

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix wrong index reference in smb2compoundop In smb2compoundop, the loop that processes each command's response uses wrong indices when accessing response bufferes. This incorrect indexing leads to improper handling o...

CVE-2025-39975

CVE-2025-39975 affects the Linux kernel smb client code path: smb2_compound_op() uses incorrect indices when processing each command’s response, causing improper handling of command results. If the computed index reaches MAX_COMPOUND, this can trigger out-of-bounds accesses. The issue is resolved...

CVE-2023-53377

In the Linux kernel, the following vulnerability has been resolved: cifs: prevent use-after-free by freeing the cfile later In smb2compoundop we have a possible use-after-free which can cause hard to debug problems later on. This was revealed during stress testing with KASAN enabled kernel. Fixin...

CVE-2023-53377

Technical details for CVE-2023-53377 are not publicly provided in the supplied Connected documents. The materials only show the vulnerability description without explicit affected products/versions or remediation specifics. Monitor for official disclosures.

Linux Distros Unpatched Vulnerability : CVE-2025-39819

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/smb: Fix inconsistent refcnt update A possible inconsistent update of refcount was identified in smb2compoundop. Such inconsistent update could lead to...

SUSE CVE-2025-39819

In the Linux kernel, the following vulnerability has been resolved: fs/smb: Fix inconsistent refcnt update A possible inconsistent update of refcount was identified in smb2compoundop. Such inconsistent update could lead to possible resource leaks. Why it is a possible bug: 1. In the comment secti...

CVE-2025-39819 fs/smb: Fix inconsistent refcnt update

In the Linux kernel, the following vulnerability has been resolved: fs/smb: Fix inconsistent refcnt update A possible inconsistent update of refcount was identified in smb2compoundop. Such inconsistent update could lead to possible resource leaks. Why it is a possible bug: 1. In the comment secti...

CVE-2025-39819 fs/smb: Fix inconsistent refcnt update

In the Linux kernel, the following vulnerability has been resolved: fs/smb: Fix inconsistent refcnt update A possible inconsistent update of refcount was identified in smb2compoundop. Such inconsistent update could lead to possible resource leaks. Why it is a possible bug: 1. In the comment secti...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an inconsistent reference count update in the smb2compoundop function, which could lead to a resource leak...

DEBIAN-CVE-2024-46796

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double put of @cfile in smb2setpathsize If smb2compoundop is called with a valid @cfile and returned -EINVAL, we need to call cifsgetwritablepath before retrying it as the reference of @cfile was already dropped ...

UBUNTU-CVE-2024-46796

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double put of @cfile in smb2setpathsize If smb2compoundop is called with a valid @cfile and returned -EINVAL, we need to call cifsgetwritablepath before retrying it as the reference of @cfile was already dropped ...

PT-2024-6855

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.52 Description The vulnerability is related to a use-after-free issue in the smb2 set path size function. When smb2 compound op is called with a valid @cfile and returns -EINVAL, the reference to @cfile is...