Lucene search
K

19 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-11252

Malicious code in bioql PyPI...

5.5CVSS7.2AI score0.28222EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/08/06 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2022-49938

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cifs: fix small mempool leak in SMB2negotiate In some cases of failure dialect mismatches in SMB2negotiate, after the request is sent, the checks would return...

5.5CVSS6.7AI score0.00149EPSS
Exploits0References4
OSV
OSV
added 2025/06/18 10:54 a.m.5 views

CVE-2022-49938 cifs: fix small mempool leak in SMB2_negotiate()

In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2negotiate In some cases of failure dialect mismatches in SMB2negotiate, after the request is sent, the checks would return -EIO when they should be rather setting rc = -EIO and jumping to negex...

5.5CVSS6AI score0.00149EPSS
Exploits0References6
CVE
CVE
added 2025/06/18 10:54 a.m.93 views

CVE-2022-49938

CVE-2022-49938 is a Linux kernel vulnerability in the CIFS SMB2_negotiation path. The issue is a small mempool leak in SMB2_negotiate() where, on certain dialect-mismatch failures, the code could exit without freeing the response buffer from mempool due to an incorrect -EIO handling. The fix tigh...

5.5CVSS6.5AI score0.00149EPSS
Exploits0References3Affected Software1
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a null pointer dereference in allocpreauthhash. The client sends malformed SMB2 negotiate requests. ksmbd returns an error response. As a result, the client can still send SMB2 session setup requests even when...

5.5CVSS6.1AI score0.28222EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/04/18 11:20 p.m.4 views

SUSE CVE-2025-22037

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...

5.5CVSS7.7AI score0.28222EPSS
Exploits0References3
OSV
OSV
added 2025/04/16 3:15 p.m.3 views

DEBIAN-CVE-2025-22037

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...

5.5CVSS5.5AI score0.28222EPSS
Exploits0References1
NVD
NVD
added 2025/04/16 3:15 p.m.9 views

CVE-2025-22037

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...

5.5CVSS0.28222EPSS
Exploits0References6
OSV
OSV
added 2025/04/16 3:15 p.m.1 views

UBUNTU-CVE-2025-22037

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...

5.5CVSS6.2AI score0.28222EPSS
Exploits0References25
OSV
OSV
added 2025/04/16 2:11 p.m.9 views

CVE-2025-22037 ksmbd: fix null pointer dereference in alloc_preauth_hash()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...

5.5CVSS6.1AI score0.28222EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/04/16 2:11 p.m.13 views

CVE-2025-22037 ksmbd: fix null pointer dereference in alloc_preauth_hash()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...

0.28222EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:22 a.m.4 views

SUSE CVE-2022-47941

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2handlenegotiate error conditions, aka a memory leak...

7.5CVSS6.5AI score0.04906EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/12/22 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an issue discovered in ksmbd where fs/ksmbd/smb2pdu.c omits the kfree call, also known as a memory leak, und...

7.5CVSS6.8AI score0.04906EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2022/09/17 12:0 a.m.1 views

PT-2022-33940 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.15 through v5.15.60 Description: A memory leak issue was discovered in the smb2 handle negotiate function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.2 views

PT-2022-33615 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.15 through v5.19.1 Description: A memory leak issue was discovered in the smb2 handle negotiate function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/07/31 12:0 a.m.6 views

PT-2022-6039 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 5.15 through 5.19 before 5.19.2 Description: An issue was discovered in ksmbd in the Linux kernel, related to a memory leak due to the omission of a kfree call in certain smb2 handle negotiate error conditions. This can ...

9.8CVSS7AI score0.58461EPSS
Exploits29References203
OSV
OSV
added 2019/09/04 7:15 p.m.2 views

DEBIAN-CVE-2019-15918

An issue was discovered in the Linux kernel before 5.0.10. SMB2negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21...

7.8CVSS6.7AI score0.00602EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2010/05/07 12:0 a.m.32 views

Microsoft Windows SMB2 Negotiate Protocol Response Crash

import socket,sys,time print "Maliformed negotiate protocol response and quickly closing the connection causes Windows machines supporting SMB2 to crash." print "Written by Jelmer de Hen" print "Published at http://h.ackack.net/?p=387" smb = socket.socketsocket.AFINET, socket.SOCKSTREAM smb.bind"...

7.4AI score
Exploits0
canvas
canvas
added 2009/09/08 10:30 p.m.52 views

Immunity Canvas: SMB2_NEGOTIATE_LOCAL

Name| smb2negotiatelocal ---|--- CVE| CVE-2009-3103 Exploit Pack| CANVAS Description| SMB2 Negotiate Pointer Dereference Vulnerability Notes| CVE Name: CVE-2009-3103 VENDOR: Microsoft VersionsAffected: Repeatability: One shot References: http://blog.48bits.com/?p=510,...

10CVSS9.4AI score0.90121EPSS
Exploits20
Rows per page
Query Builder