Lucene search
K

11 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: fixed a use-after-free in smb2queryinfocompound The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options “multichannel, maxChannels=2,...

7.8CVSS6.7AI score0.00241EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/02 1:25 a.m.23 views

SUSE CVE-2026-31708

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB read in smb2ioctlqueryinfo QUERYINFO path smb2ioctlqueryinfo has two response-copy branches: PASSTHRUFSCTL and the default QUERYINFO path. The QUERYINFO branch clamps qi.inputbufferlength to the server-report...

8.1CVSS5.9AI score0.00307EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.9 views

MiracleLinux 9 : kernel-5.14.0-162.6.1.el9_1 (AXSA:2023-4648:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4648:01 advisory. off-path attacker may inject data or terminate victim's TCP session CVE-2020-36516 use-after-free vulnerability in function scosocksendmsg...

7.8CVSS7.3AI score0.12746EPSS
Exploits30References31
SUSE CVE
SUSE CVE
added 2025/12/09 12:24 a.m.5 views

SUSE CVE-2025-40320

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential cfid UAF in smb2queryinfocompound When smb2queryinfocompound retries, a previously allocated cfid may have been freed in the first attempt. Because cfid wasn't reset on replay, later cleanup could act o...

5.5CVSS6.2AI score0.00162EPSS
Exploits0References21
EUVD
EUVD
added 2025/12/08 3:31 a.m.5 views

EUVD-2025-201625

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential cfid UAF in smb2queryinfocompound When smb2queryinfocompound retries, a previously allocated cfid may have been freed in the first attempt. Because cfid wasn't reset on replay, later cleanup could act o...

5.9AI score0.00162EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/12/08 12:0 a.m.6 views

CVE-2025-40320

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential cfid UAF in smb2queryinfocompound When smb2queryinfocompound retries, a previously allocated cfid may have been freed in the first attempt. Because cfid wasn't reset on replay, later cleanup could act o...

5.7AI score0.00162EPSS
Exploits0References21
OSV
OSV
added 2024/05/21 4:15 p.m.8 views

UBUNTU-CVE-2023-52751

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in smb2queryinfocompound The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options...

7.8CVSS6.6AI score0.00241EPSS
Exploits0References8
OSV
OSV
added 2023/07/24 4:15 p.m.7 views

AZL-27760 CVE-2023-32248 affecting package kernel for versions less than 5.15.126.1-1

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2TREECONNECT and SMB2QUERYINFO commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this...

7.5CVSS6.7AI score0.0406EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/05/20 2:16 a.m.4 views

SUSE CVE-2023-32248

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2TREECONNECT and SMB2QUERYINFO commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this...

7.5CVSS6.4AI score0.0406EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:22 a.m.2 views

SUSE CVE-2022-47942

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in setntacldacl, related to use of SMB2QUERYINFOHE after a malformed SMB2SETINFOHE command...

8.8CVSS6.9AI score0.03576EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2022/12/31 8:0 a.m.3 views

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command.

...

8.8CVSS7AI score0.03576EPSS
Exploits0
Rows per page
Query Builder