19 matches found
EUVD-2025-11252
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-49938
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cifs: fix small mempool leak in SMB2negotiate In some cases of failure dialect mismatches in SMB2negotiate, after the request is sent, the checks would return...
CVE-2022-49938 cifs: fix small mempool leak in SMB2_negotiate()
In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2negotiate In some cases of failure dialect mismatches in SMB2negotiate, after the request is sent, the checks would return -EIO when they should be rather setting rc = -EIO and jumping to negex...
CVE-2022-49938
CVE-2022-49938 is a Linux kernel vulnerability in the CIFS SMB2_negotiation path. The issue is a small mempool leak in SMB2_negotiate() where, on certain dialect-mismatch failures, the code could exit without freeing the response buffer from mempool due to an incorrect -EIO handling. The fix tigh...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a null pointer dereference in allocpreauthhash. The client sends malformed SMB2 negotiate requests. ksmbd returns an error response. As a result, the client can still send SMB2 session setup requests even when...
SUSE CVE-2025-22037
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...
DEBIAN-CVE-2025-22037
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...
CVE-2025-22037
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...
UBUNTU-CVE-2025-22037
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...
CVE-2025-22037 ksmbd: fix null pointer dereference in alloc_preauth_hash()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...
CVE-2025-22037 ksmbd: fix null pointer dereference in alloc_preauth_hash()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...
SUSE CVE-2022-47941
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2handlenegotiate error conditions, aka a memory leak...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an issue discovered in ksmbd where fs/ksmbd/smb2pdu.c omits the kfree call, also known as a memory leak, und...
PT-2022-33940 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.15 through v5.15.60 Description: A memory leak issue was discovered in the smb2 handle negotiate function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...
PT-2022-33615 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.15 through v5.19.1 Description: A memory leak issue was discovered in the smb2 handle negotiate function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...
PT-2022-6039 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 5.15 through 5.19 before 5.19.2 Description: An issue was discovered in ksmbd in the Linux kernel, related to a memory leak due to the omission of a kfree call in certain smb2 handle negotiate error conditions. This can ...
DEBIAN-CVE-2019-15918
An issue was discovered in the Linux kernel before 5.0.10. SMB2negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21...
Microsoft Windows SMB2 Negotiate Protocol Response Crash
import socket,sys,time print "Maliformed negotiate protocol response and quickly closing the connection causes Windows machines supporting SMB2 to crash." print "Written by Jelmer de Hen" print "Published at http://h.ackack.net/?p=387" smb = socket.socketsocket.AFINET, socket.SOCKSTREAM smb.bind"...
Immunity Canvas: SMB2_NEGOTIATE_LOCAL
Name| smb2negotiatelocal ---|--- CVE| CVE-2009-3103 Exploit Pack| CANVAS Description| SMB2 Negotiate Pointer Dereference Vulnerability Notes| CVE Name: CVE-2009-3103 VENDOR: Microsoft VersionsAffected: Repeatability: One shot References: http://blog.48bits.com/?p=510,...